Components Vulnerabilities Pricing MCP API

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

commons-io/commons-io 2.6 | Vulnerabilities | Sonatype Guide

Get full component data and automated fixes with Sonatype Guide.

Sign up for free

commons-io

2.6

commons-io 2.6

commons-io

PublishedOct 15, 2017•Policy

compliance

Developer Trust Score

Recommended Version:x.y.z

Latest version with 0 known vulnerabilities that meets your policy.

Compare Versions

Severity

Critical (0)

High (0)

Medium (2)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

5.3CVE-2024-47554

Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.

PublishedOct 4, 2024

5.3sonatype-2018-0705

commons-io - Path Traversal [CVE-2021-29425]

Published

Aug 19, 2020