Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

MheemskerkATLASSIAN:BSERV-8977

HistoryJul 20, 2016 - 8:22 a.m.

Upgrade commons-fileupload to version >= 1.3.2

2016-07-2008:22:15

mheemskerk

jira.atlassian.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.043 Low

EPSS

Percentile

91.3%

JSON

This is to mitigate CVE-2016-3092

See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 for details

CPENameOperatorVersion
bitbucket serverle4.8.1
bitbucket serverlt4.8.2
bitbucket serverlt4.9.0

Name	Operator	Version
bitbucket server	le	4.8.1
bitbucket server	lt	4.8.2
bitbucket server	lt	4.9.0

redhat 8

ibm 97

nessus 27

openvas 22

f5 2

tomcat 3

myhack58 1

checkpoint_advisories 1

freebsd 2

atlassian 3

fedora 3

ubuntucve 1

amazon 1

debian 7

osv 5

veracode 2

mageia 1

debiancve 1

jvn 1

github 2

prion 2

ubuntu 2

cve 2

redhatcve 1

gentoo 1

centos 1

redhat

(RHSA-2016:2069) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 7

2016-10-17 18:09:27

(RHSA-2016:2071) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update

2016-10-17 18:09:50

(RHSA-2016:2070) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 5

2016-10-17 18:09:40

ibm

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2016-3092)

2020-02-04 16:40:40

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server affecting IBM Tivoli Storage Manager FastBack Reporting (CVE-2016-3092)

2018-06-17 15:31:31

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2016-3092)

2018-06-17 15:47:06

nessus

Fedora 24 : 1:tomcat (2016-2b0c16fd82)

2016-09-02 00:00:00

FreeBSD : Apache Commons FileUpload -- denial of service (61b8c359-4aab-11e6-a7bd-14dae9d210b8)

2016-07-18 00:00:00

FreeBSD : Apache Commons FileUpload -- denial of service (DoS) vulnerability (cbceeb49-3bc7-11e6-8e82-002590263bf5)

2016-06-27 00:00:00

openvas

Debian Security Advisory DSA 3614-1 (tomcat7 - security update)

2016-07-02 00:00:00

Amazon Linux: Security Advisory (ALAS-2016-736)

2016-10-26 00:00:00

Debian: Security Advisory (DSA-3611-1)

2016-07-07 00:00:00

SOL82392041 - Apache Commons FileUpload vulnerability CVE-2016-3092

2016-07-19 00:00:00

K82392041 : Apache Commons FileUpload vulnerability CVE-2016-3092

2016-07-19 00:00:00

tomcat

Fixed in Apache Tomcat 9.0.0.M8

2016-06-13 00:00:00

Fixed in Apache Tomcat 8.5.3 and 8.0.36

2016-06-13 00:00:00

Fixed in Apache Tomcat 7.0.70

2016-06-20 00:00:00

myhack58

Apache Commons Fileupload 1.3.1 DOS(CVE-2016-3092)-vulnerability warning-the black bar safety net

2017-06-15 00:00:00

checkpoint_advisories

Apache Commons FileUpload Denial Of Service (CVE-2016-3092)

2016-07-31 00:00:00

freebsd

Apache Commons FileUpload -- denial of service

2016-06-21 00:00:00

Apache Commons FileUpload -- denial of service (DoS) vulnerability

2016-06-20 00:00:00

atlassian

Upgrade Tomcat to 8.0.36 or later

2016-07-14 14:22:05

Upgrade Tomcat to 8.0.36 or later

2016-07-14 14:22:05

Upgrade Tomcat to 8.0.36 or later

2016-07-14 14:22:05

fedora

[SECURITY] Fedora 25 Update: tomcat-8.0.36-2.fc25

2016-09-01 13:43:39

[SECURITY] Fedora 23 Update: tomcat-8.0.36-2.fc23

2016-09-01 18:56:38

[SECURITY] Fedora 24 Update: tomcat-8.0.36-2.fc24

2016-09-01 17:01:05

ubuntucve

CVE-2016-3092

2016-06-23 00:00:00

amazon

Medium: tomcat7, tomcat8

2016-08-17 13:30:00

debian

[SECURITY] [DSA 3614-1] tomcat7 security update

2016-07-02 12:54:16

[SECURITY] [DSA 3611-1] libcommons-fileupload-java security update

2016-06-30 08:44:01

[SECURITY] [DLA 529-1] tomcat7 security update

2016-06-26 18:59:17

osv

libcommons-fileupload-java - security update

2016-06-26 00:00:00

High severity vulnerability that affects commons-fileupload:commons-fileupload

2018-12-21 17:47:47

tomcat7 - security update

2016-06-26 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:13:41

Denial Of Service (DoS)

2017-04-04 03:24:03

mageia

Updated tomcat/apache-commons-fileupload packages fix security vulnerability

2016-07-27 00:16:28

debiancve

CVE-2016-3092

2016-07-04 22:59:00

jvn

JVN#89379547: Apache Commons FileUpload vulnerable to denial-of-service (DoS)

2016-06-30 00:00:00

github

High severity vulnerability that affects commons-fileupload:commons-fileupload

2018-12-21 17:47:47

Improper Input Validation in Jenkins

2022-05-14 01:04:31

prion

Design/Logic Flaw

2016-07-04 22:59:00

Design/Logic Flaw

2018-01-26 02:29:00

ubuntu

Tomcat vulnerability

2016-07-06 00:00:00

Tomcat vulnerabilities

2016-07-05 00:00:00

cve

CVE-2016-3092

2016-07-04 22:59:00

CVE-2017-1000394

2018-01-26 02:29:00

redhatcve

CVE-2017-1000394

2017-11-21 11:20:50

gentoo

Apache Commons FileUpload: Multiple vulnerabilities

2021-07-17 00:00:00

centos

tomcat security update

2016-11-25 15:49:52

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.043 Low

EPSS

Percentile

91.3%

JSON

Related for ATLASSIAN:BSERV-8977