rpm package
suse/jakarta-commons-fileupload&distro=SUSE Linux Enterprise Server 12 SP2-BCL
pkg:rpm/suse/jakarta-commons-fileupload&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24998 | — | < 1.1.1-122.8.1 | 1.1.1-122.8.1 | Feb 20, 2023 | Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur | ||
| CVE-2016-1000031 | Cri | 9.8 | < 1.1.1-122.3.1 | 1.1.1-122.3.1 | Oct 25, 2016 | Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution | |
| CVE-2016-3092 | Hig | 7.5 | < 1.1.1-122.8.1 | 1.1.1-122.8.1 | Jul 4, 2016 | The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long bo |
- CVE-2023-24998Feb 20, 2023affected < 1.1.1-122.8.1fixed 1.1.1-122.8.1
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur
- affected < 1.1.1-122.3.1fixed 1.1.1-122.3.1
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
- affected < 1.1.1-122.8.1fixed 1.1.1-122.8.1
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long bo