Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/commons-io/commons-io@2.11.0
purl pkg:maven/commons-io/commons-io@2.11.0
Next non-vulnerable version 2.14.0
Latest non-vulnerable version 2.14.0
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-epm8-6b5f-s7aa
Aliases:
CVE-2024-47554
GHSA-78wr-2p64-hpwj
Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The `org.apache.commons.io.input.XmlStreamReader` class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
2.14.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T23:10:16.925942+00:00 GitLab Importer Affected by VCID-epm8-6b5f-s7aa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-io/commons-io/CVE-2024-47554.yml 38.4.0
2026-04-12T00:28:33.714680+00:00 GitLab Importer Affected by VCID-epm8-6b5f-s7aa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-io/commons-io/CVE-2024-47554.yml 38.3.0
2026-04-03T00:36:19.344528+00:00 GitLab Importer Affected by VCID-epm8-6b5f-s7aa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/commons-io/commons-io/CVE-2024-47554.yml 38.1.0