Critical Vulnerability Information

Vulnerability Details

CVE-2021-48655
- Description: A path traversal vulnerability exists in versions of Apache Commons FileUpload prior to 1.3.2. Attackers can bypass security checks by including special characters in the file upload path.
- CVSS Base Score: 7.5
- CVSS Vector: [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:A/E:H]

CVE-2020-48734
- Description: The method in the Apache Commons BeanUtils library allows access to all properties of Java objects, including sensitive properties, potentially leading to remote code execution.
- CVSS Base Score: 8.0
- CVSS Vector: [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:A/E:H]

CVE-2021-27222
- Description: The method returns incorrect results when processing passwords longer than 72 characters.
- CVSS Base Score: 6.5
- CVSS Vector: [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:A/E:H]

CVE-2021-27273
- Description: The class contains a path traversal vulnerability when resolving path patterns.
- CVSS Base Score: 8.0
- CVSS Vector: [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:A/E:H]

CVE-2020-32332
- Description: The annotation in the Spring framework has input validation issues when processing request parameters.
- CVSS Base Score: 9.2
- CVSS Vector: [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:A/E:H]

CVE-2020-36000
- Description: Improper configuration of in the Spring framework may lead to unauthorized access.
- CVSS Base Score: 8.2
- CVSS Vector: [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:A/E:H]

CVE-2020-54104
- Description: IBM Process Mining may be vulnerable to open redirect attacks.
- CVSS Base Score: 6.3
- CVSS Vector: [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:A/E:H]

Affected Products and Versions

IBM Process Mining: 2.0.0, 2.0.1

Remediation

Upgrade to version 2.0.2

Workarounds and Mitigations

No specific workarounds or mitigations available