VYPR

GWTUpload

by Manolo

CVEs (1)

  • CVE-2020-13128HigMay 18, 2020
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.