Sensitive Information Exposure Vulnerability in Apache Commons VFS
CVE-2025-30474

Currently unrated

Key Information:

Vendor

Apache
Status
Apache Commons Vfs
Vendor
CVE Published:
23 March 2025

What is CVE-2025-30474?

A vulnerability in Apache Commons VFS allows the FtpFileObject class to expose sensitive information, including potential passwords, through exception messages when a file is not found. This issue affects versions prior to 2.10.0 and can lead to unauthorized access. Users are urged to upgrade to version 2.10.0 to secure their systems by masking sensitive data in exception messages.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Apache Commons VFS 0 < 2.10.0

References

https://issues.apache.org/jira/browse/VFS-169
related
https://lists.apache.org/thread/w6ztgnbk6ccry3470x191g3xw...
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Marek Ĺ unda
JSON
.