1043 matches found
apache-commons-fileupload: Apache Commons FileUpload DoS via part headers
A denial-of-service (DoS) vulnerability has been discovered in the Apache Commons FileUpload library. The flaw stems from insufficient limits placed on multipart headers during file uploads. A remote attacker could exploit this by sending a specially crafted request with an excessively large number...
Security Bulletin: IBM Integration Designer is vulnerable to denial of service (CVE-2025-48976, CVE-2025-48924)
Summary: Vulnerability in Apache Commons FileUpload and Commons Lang used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2025-48976 and CVE-2025-48924. Vulnerability Details: CVEID: CVE-2025-48976. DESCRIPTION: Allocation of resources for multipart headers with insufficient...
[SECURITY] [DLA 4245-1] libcommons-fileupload-java security update
Debian LTS Advisory DLA-4245-1. https://www.debian.org/lts/security/ Markus Koschany. July 22, 2025. https://wiki.debian.org/LTS Package: libcommons-fileupload-java. Version: 1.4-1+deb11u1. CVE ID: CVE-2023-24998, CVE-2025-48976. Debian Bug: 1031733, 1108120. Two security...
Debian: Security Advisory (DLA-4245-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian dla-4245 : libcommons-fileupload-java - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4245 advisory. Debian LTS Advisory DLA-4245-1...
DLA-4245-1 libcommons-fileupload-java - security update
Bulletin has no description...
K000152614: Apache Commons vulnerability CVE-2025-48976
Security Advisory Description: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to...
Security Bulletin: Apache Commons FileUpload used by IBM InfoSphere Identity Insight has a potential vulnerability (CVE-2025-48976)
Summary: Apache Commons FileUpload used by IBM InfoSphere Identity Insight provided a hard-coded limit of 10kB for the size of the headers associated with a multipart request. A specially crafted request that used a large number of parts with large headers could trigger excessive memory usage...
CVE-2025-7627
A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue is the function fileUpload of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. The attack may be...
kkFileViewOfficeEdit code issue vulnerability
kkFileViewOfficeEdit is online file preview and editing software for Office documents, written by the individual developer YiJiuSmile. A code issue vulnerability exists in kkFileViewOfficeEdit 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and prior versions, which stems from a misbehavior of the fileUpload function...
OESA-2025-1819 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
OESA-2025-1818 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
OESA-2025-1817 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
OESA-2025-1816 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
OESA-2025-1815 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
OESA-2025-1814 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Allocation of resources for...
Important: tomcat
Issue Overview: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or...
Important: tomcat10
Issue Overview: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or...