Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 6 of 6 results

CVE-2023-24998

Medium priority
Needs evaluation

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the...

1 affected packages

libcommons-fileupload-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2016-1000031

Negligible priority
Ignored

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

4 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Ignored
tomcat6 Ignored
tomcat7 Ignored
tomcat8 Ignored
Show less packages

CVE-2016-3092

Medium priority

Some fixes available 8 of 13

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a...

5 affected packages

libcommons-fileupload-java, tomcat6, tomcat7, tomcat8, tomcat9

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Not affected Not affected Not affected Not affected Fixed
tomcat6 Not in release Not in release Not in release Not in release Vulnerable
tomcat7 Not in release Not in release Not in release Not affected Fixed
tomcat8 Not in release Not in release Not in release Not affected Fixed
tomcat9 Not affected Not affected Not affected Not affected Not in release
Show less packages

CVE-2014-0050

Medium priority

Some fixes available 2 of 8

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a...

3 affected packages

libcommons-fileupload-java, tomcat6, tomcat7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java Not affected Not affected
tomcat6 Not in release Not affected
tomcat7 Not affected Not affected
Show less packages

CVE-2013-2186

Medium priority
Fixed

The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL...

1 affected packages

libcommons-fileupload-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java
Show less packages

CVE-2013-0248

Negligible priority
Ignored

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

1 affected packages

libcommons-fileupload-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcommons-fileupload-java
Show less packages