Search Results (Refine Search)
- CPE Product Version: cpe:/a:apache:commons_fileupload:1.3.2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-24998 |
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured. Published: February 20, 2023; 11:15:10 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2016-1000031 |
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution Published: October 25, 2016; 10:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |