CVE-2021-29425
Published at:
-
13-04-2021 09:15
Last modified:
-
24-09-2022 05:58
Total changes:
-
35
Description
Common Vulnerability Scoring System (CVSS)
High
Attack complexity
Network
Attack vector
None
Availability
Low
Confidentiality
Low
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
4.8
Base score
2.2
2.5
Exploitability score
Impact score
Verification logic
Reference
- https://issues.apache.org/jira/browse/IO-556
- https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E
- [commons-dev] 20210414 Re: [all] OSS Fuzz-Mailing List, Vendor Advisory
- [commons-dev] 20210415 Re: [all] OSS Fuzz-Mailing List, Vendor Advisory
- [pulsar-commits] 20210420 [GitHub] [pulsar] lhotari opened a new pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425-Mailing List, Vendor Advisory
- [pulsar-commits] 20210420 [GitHub] [pulsar] merlimat merged pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425-Mailing List, Vendor Advisory
- [creadur-dev] 20210427 [jira] [Created] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity-Mailing List, Vendor Advisory
- [creadur-dev] 20210427 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity-Mailing List, Vendor Advisory
- [creadur-dev] 20210427 [jira] [Closed] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity-Mailing List, Vendor Advisory
- [creadur-dev] 20210427 [jira] [Updated] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity-Mailing List, Vendor Advisory
- [pulsar-commits] 20210429 [pulsar] branch branch-2.7 updated: [Security] Upgrade commons-io to address CVE-2021-29425 (#10287)-Mailing List, Third Party Advisory
- [myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix-Mailing List, Third Party Advisory, Vendor Advisory
- [creadur-dev] 20210518 [jira] [Updated] (WHISKER-19) Update commons-io to fix CVE-2021-29425-Mailing List, Third Party Advisory
- [creadur-dev] 20210518 [jira] [Commented] (WHISKER-19) Update commons-io to fix CVE-2021-29425-Mailing List, Third Party Advisory
- [creadur-dev] 20210518 [jira] [Created] (WHISKER-19) Update commons-io to fix CVE-2021-29425-Mailing List, Third Party Advisory
- [creadur-dev] 20210518 [jira] [Assigned] (WHISKER-19) Update commons-io to fix CVE-2021-29425-Mailing List, Third Party Advisory
- [kafka-users] 20210617 vulnerabilities-Mailing List, Third Party Advisory
- [creadur-dev] 20210621 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity-Mailing List, Third Party Advisory
- [commons-user] 20210709 commons-fileupload dependency and CVE-Mailing List, Third Party Advisory
- [commons-user] 20210709 Re: commons-fileupload dependency and CVE-Mailing List, Third Party Advisory
- [portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425-Mailing List, Third Party Advisory
- [portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-789 Upgrade to commons-io-2.7 due to CVE-2021-29425-Mailing List, Patch, Third Party Advisory
- [portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210805 [jira] [Updated] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg opened a new pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6-Mailing List, Third Party Advisory
- [zookeeper-dev] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210806 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [debian-lts-announce] 20210812 [SECURITY] [DLA 2741-1] commons-io security update-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210813 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-issues] 20210901 [jira] [Resolved] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6-Mailing List, Third Party Advisory
- [zookeeper-notifications] 20210901 [GitHub] [zookeeper] ztzg closed pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Third Party Advisory
- [zookeeper-commits] 20210901 [zookeeper] branch master updated: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)-Mailing List, Patch, Third Party Advisory
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://security.netapp.com/advisory/ntap-20220210-0004/
- https://www.oracle.com/security-alerts/cpuapr2022.html
- N/A-
Keywords