CVE-2025-27553

{"id": "CVE-2025-27553", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-03-23T15:15:13.377", "references": [{"url": "https://lists.apache.org/thread/cnzqowyw9r2pl263cylmxhnvh41hyjcb", "tags": ["Mailing List", "Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.openwall.com/lists/oss-security/2025/03/23/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00006.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-23"}]}], "descriptions": [{"lang": "en", "value": "Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0.\n\nThe FileObject API in Commons VFS has a 'resolveFile' method that\ntakes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that \"an exception is thrown if the resolved file is not a descendent of\nthe base file\". However, when the path contains encoded \"..\"\ncharacters (for example, \"%2E%2E/bar.txt\"), it might return file objects that are not\na descendent of the base file, without throwing an exception.\nThis issue affects Apache Commons VFS: before 2.10.0.\n\nUsers are recommended to upgrade to version 2.10.0, which fixes the issue."}, {"lang": "es", "value": "Vulnerabilidad de Path Traversal relativo en Apache Commons VFS anterior a la versi\u00f3n 2.10.0. La API FileObject de Commons VFS incluye un m\u00e9todo \"resolveFile\" que utiliza el par\u00e1metro \"scope\". Especificar \"NameScope.DESCENDENT\" implica que se lanzar\u00e1 una excepci\u00f3n si el archivo resuelto no es descendiente del archivo base. Sin embargo, si la ruta contiene caracteres \"..\" codificados (por ejemplo, \"%2E%2E/bar.txt\"), podr\u00eda devolver objetos de archivo que no son descendientes del archivo base, sin lanzar una excepci\u00f3n. Este problema afecta a Apache Commons VFS anterior a la versi\u00f3n 2.10.0. Se recomienda actualizar a la versi\u00f3n 2.10.0, que soluciona el problema."}], "lastModified": "2025-04-02T22:15:19.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:commons_vfs:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BABF8CF-5800-484E-9B46-701503CA903B", "versionEndExcluding": "2.10.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}