The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.
Language
JAVA
Vulnerability
Directory Traversal
Vulnerability description
commons-io is vulnerable to directory traversal. Invoking the method FilenameUtils.normalize with a malicious input string could allow access to files within the parent directory.
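For callers that build file paths from untrusted names, a containment check that does not depend on the normalized string alone is shown below as an added example; it is not code from commons-io or from this advisory. The class ContainedPathCheck, the method resolveInside and the sample names are assumptions made for illustration, and only java.nio.file is used.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class ContainedPathCheck {

    /**
     * Resolves an untrusted name against baseDir and returns the result only
     * if it is still located inside baseDir (hypothetical helper).
     */
    static Path resolveInside(Path baseDir, String untrustedName) throws IOException {
        // Canonical form of the base directory, with symlinks resolved.
        Path base = baseDir.toRealPath();

        // Resolve the untrusted name and collapse "." and ".." segments.
        Path candidate = base.resolve(untrustedName).normalize();

        // Path.startsWith compares whole path elements, so "/data/app-old"
        // is not treated as being inside "/data/app".
        if (!candidate.startsWith(base)) {
            throw new SecurityException("path escapes base directory");
        }

        // If the target already exists, check its real location as well, so a
        // symlink placed inside the base directory cannot point outside it.
        if (Files.exists(candidate) && !candidate.toRealPath().startsWith(base)) {
            throw new SecurityException("symlink escapes base directory");
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("uploads");

        // Constructed sample names, not taken from the advisory.
        String[] samples = {
            "report.txt", "sub/../report.txt", "../outside.txt", "/etc/hostname"
        };
        for (String name : samples) {
            try {
                System.out.println("allowed:  " + resolveInside(base, name));
            } catch (SecurityException e) {
                System.out.println("rejected: " + name + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

The decision is made on the resolved Path rather than on the string returned by a normalization routine, so it still holds if that routine mishandles a particular input.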
Veracode Software Composition Analysis