rpm package
suse/jakarta-commons-fileupload&distro=SUSE Linux Enterprise Server 12 SP4-LTSS
pkg:rpm/suse/jakarta-commons-fileupload&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-24998 | — | < 1.1.1-122.8.1 | 1.1.1-122.8.1 | Feb 20, 2023 | Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur | ||
| CVE-2016-3092 | Hig | 7.5 | < 1.1.1-122.8.1 | 1.1.1-122.8.1 | Jul 4, 2016 | The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long bo |
- CVE-2023-24998Feb 20, 2023affected < 1.1.1-122.8.1fixed 1.1.1-122.8.1
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configur
- affected < 1.1.1-122.8.1fixed 1.1.1-122.8.1
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long bo