From 3554f340c1c7805410fd93eb1eedb0b2f936fb25 Mon Sep 17 00:00:00 2001 From: tao Date: Fri, 28 Apr 2023 02:20:58 +0000 Subject: [PATCH] =?UTF-8?q?update=20pom.xml.=20=E8=AF=A5=E7=89=88=E6=9C=AC?= =?UTF-8?q?=E5=AD=98=E5=9C=A8=E6=BC=8F=E6=B4=9E=EF=BC=8CCVE-2021-29425?= =?UTF-8?q?=E3=80=82=20=E6=BC=8F=E6=B4=9E=E6=8F=8F=E8=BF=B0=EF=BC=9AIn=20A?= =?UTF-8?q?pache=20Commons=20IO=20before=202.7,=20When=20invoking=20the=20?= =?UTF-8?q?method=20FileNameUtils.normalize=20with=20an=20improper=20input?= =?UTF-8?q?=20string,=20like=20"//../foo",=20or=20"\\..\foo",=20the=20resu?= =?UTF-8?q?lt=20would=20be=20the=20same=20value,=20thus=20possibly=20provi?= =?UTF-8?q?ding=20access=20to=20files=20in=20the=20parent=20directory,=20b?= =?UTF-8?q?ut=20not=20further=20above=20(thus=20"limited"=20path=20travers?= =?UTF-8?q?al),=20if=20the=20calling=20code=20would=20use=20the=20result?= =?UTF-8?q?=20to=20construct=20a=20path=20value.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: tao --- pom.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/pom.xml b/pom.xml index 80df759..b64f997 100644 --- a/pom.xml +++ b/pom.xml @@ -79,6 +79,7 @@ commons-io commons-io 2.4 + 2.8 -- Gitee