CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
References
Link Resource
https://issues.apache.org/jira/browse/IO-556 Exploit Issue Tracking Vendor Advisory
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E Mailing List Third Party Advisory Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:commons_io:2.2:-:*:*:*:*:*:*
cpe:2.3:a:apache:commons_io:2.3:-:*:*:*:*:*:*
cpe:2.3:a:apache:commons_io:2.4:-:*:*:*:*:*:*
cpe:2.3:a:apache:commons_io:2.5:-:*:*:*:*:*:*
cpe:2.3:a:apache:commons_io:2.6:-:*:*:*:*:*:*

Information

Published : 2021-04-13 07:15

Updated : 2021-05-04 13:34


NVD link : CVE-2021-29425

Mitre link : CVE-2021-29425


JSON object : View

Products Affected

apache

  • commons_io
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')