cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-47554,https://securityvulnerability.io/vulnerability/CVE-2024-47554,Uncontrolled Resource Consumption Vulnerability in Apache Commons IO,"The vulnerability in the org.apache.commons.io.input.XmlStreamReader class can lead to excessive CPU resource consumption due to the processing of specially crafted input. This behavior may create significant performance issues, particularly when handling untrusted XML data. To mitigate this risk, it is recommended that users upgrade to Apache Commons IO version 2.14.0 or later, where this issue has been addressed. Proper security measures should be considered when dealing with external inputs to prevent potential exploitation.",Apache,Apache Commons Io,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-03T11:32:48.936Z,0
CVE-2021-29425,https://securityvulnerability.io/vulnerability/CVE-2021-29425,"Possible limited path traversal vulnerability in Apache Commons IO","In Apache Commons IO before 2.7, when invoking the method FileNameUtils.normalize with an improper input string, like ""//../foo"", or ""\\..\foo"", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus ""limited"" path traversal), if the calling code would use the result to construct a path value.",Apache,Apache Commons Io,4.8,MEDIUM,0.001879999996162951,false,,false,false,false,,,false,false,,2021-04-13T06:50:12.000Z,0