In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
Neither the method in question (FileNameUtils.normalize) nor any methods, that invoke it, do actually access any files. There's only a string returned, from which a path can be constructed. In other words, a possible workaround would be not passing any unsafe input to FileNameUtils.normalize.
References
History
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-08-03T22:02:51.887Z
Reserved: 2021-03-30T00:00:00
Link: CVE-2021-29425

No data.

Status : Modified
Published: 2021-04-13T07:15:12.327
Modified: 2024-11-21T06:01:04.113
Link: CVE-2021-29425


No data.