Apache Software Foundation Commons FileUpload 1.3.1

CPE Details

Apache Software Foundation Commons FileUpload 1.3.1
apache
commons_fileupload
1.3.1
2014-04-01
11h37 +00:00
2014-04-02
12h06 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:apache:commons_fileupload:1.3.1:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

commons_fileupload

Version

1.3.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-24998 2023-02-20 15h57 +00:00 Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.
7.5
Haute
CVE-2016-1000031 2016-10-25 12h00 +00:00 Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
9.8
Critique
CVE-2016-3092 2016-07-04 20h00 +00:00 The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
7.5
Haute