Moderate: Red Hat Security Advisory: apache-commons-vfs security update

An update for apache-commons-vfs is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Commons VFS provides a single API for accessing various different file systems. It presents a uniform view of the files from various different sources, such as the files on local disk, on an HTTP server, or inside a Zip archive. Some of the features of Commons VFS are: * A single consistent API for accessing files of different types. * Support for numerous file system types. * Caching of file information. Caches information in-JVM, and optionally can cache remote file information on the local file system. * Event delivery. * Support for logical file systems made up of files from various different file systems. * Utilities for integrating Commons VFS into applications, such as a VFS-aware ClassLoader and URLStreamHandlerFactory. * A set of VFS-enabled Ant tasks. Security Fix(es): apache-commons-vfs: Apache Commons VFS: Possible path traversal issue when using NameScope.DESCENDENT (CVE-2025-27553) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References…Read More