1043 matches found
Important: tomcat9
Issue Overview: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or...
Important: tomcat
Issue Overview: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or...
Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2025-020 (ALASTOMCAT9-2025-020)
The version of tomcat installed on the remote host is prior to 9.0.106-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2025-020 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Common...
Amazon Linux 2 : tomcat (ALAS-2025-2920)
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2920 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload...
Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1064)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1064 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before...
Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-1065)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1065 advisory. Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before...
DoS (Denial of Service) Third-Party Dependency in Bamboo Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.0, 10.2.0, and 11.0.0 of Bamboo Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
apache-commons-fileupload-1.6.0-1.1 on GA media (moderate)
apache-commons-fileupload-1.6.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15208-1 Rating: moderate Cross-References: CVE-2025-48976 CVSS scores: CVE-2025-48976 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48976 SUSE : 8.7...
OESA-2025-1706 apache-commons-fileupload security update
The javax.servlet package lacks support for RFC-1867, HTML file upload. This package provides a simple to use API for working with such data. The scope of this package is to create a package of Java utility classes to read multipart/form-data within a javax.servlet.http.HttpServletRequest. Securi...
OPENSUSE-SU-2025:15208-1 apache-commons-fileupload-1.6.0-1.1 on GA media
These are all security issues fixed in the apache-commons-fileupload-1.6.0-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE: Security Advisory (SUSE-SU-2025:02184-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : jakarta-commons-fileupload (SUSE-SU-2025:02184-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:02184-1 advisory. Upgrade to upstream version 1.6.0 - CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS...
Security update for jakarta-commons-fileupload
This update for jakarta-commons-fileupload fixes the following issues: Upgrade to upstream version 1.6.0 CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS bsc1244657. Full changelog:...
SUSE-SU-2025:02184-1 Security update for jakarta-commons-fileupload
This update for jakarta-commons-fileupload fixes the following issues: Upgrade to upstream version 1.6.0 - CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS bsc1244657. Full changelog:...
openSUSE Security Advisory (SUSE-SU-2025:02159-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:02159-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : apache-commons-fileupload (SUSE-SU-2025:02159-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02159-1 advisory. Upgrade to upstream version 1.6.0 - CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient...
Security update for apache-commons-fileupload
This update for apache-commons-fileupload fixes the following issues: Upgrade to upstream version 1.6.0 CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS bsc1244657. Full changelog:...
SUSE-SU-2025:02159-1 Security update for apache-commons-fileupload
This update for apache-commons-fileupload fixes the following issues: Upgrade to upstream version 1.6.0 - CVE-2025-48976: Fixed allocation of resources for multipart headers with insufficient limits can lead to a DoS bsc1244657. Full changelog:...
Denial-of-service (DoS) vulnerabilities in multiple Apache products
Overview Multiple Apache products provided by The Apache Software Foundation contain vulnerabilities listed below. Allocation of resources without limits or throttling CWE-770 - CVE-2025-48976, CVE-2025-48988 TERASOLUNA Framework Security Team of NTT DATA Group Corporation reported this...