1043 matches found
SUSE CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976
A denial-of-service DoS vulnerability has been discovered in the Apache Commons FileUpload library. The flaw stems from insufficient limits placed on multipart headers during file uploads. A remote attacker could exploit this by sending a specially crafted request with an excessively large number...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +15648 more potentially affected by CVE-2025-48976 via commons-fileupload:commons-fileupload (>=1.0 <=1.5)
commons-fileupload:commons-fileupload MAVEN version =1.0, =1.1, =0.0.1, =0.5.0, =0.6.0, =0.5.0, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.7 and more Source cves: CVE-2025-48976 Source advisory: OSV:GHSA-VV7R-C36W-3PRJ...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing multipart headers. An attacker can exhaust system resources by sending malicious requests with excessively large individual multipart headers. Remediation Upgrade...
Allocation of Resources Without Limits or Throttling
Overview commons-fileupload:commons-fileupload is a component that provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926), be.personify.iam:personify-frontend (>=1.5.4.RELEASE <=1.5.5.RELEASE) +1914 more potentially affected by CVE-2025-48976 via org.apache.commons:commons-fileupload2-core (>=2.0.0-M1 <=2.0.0-M3)
org.apache.commons:commons-fileupload2-core MAVEN version =2.0.0-M1, =55.v51410e712e0c, =1.5.4.RELEASE, =1.0.0, =0.0.15, =24.7.0, =24.7.0, =24.7.0, =24.7.0, =24.11.0, =24.7.0, =24.7.0, =24.7.0, =25.1.0, =3.0.1, =3.2.12 and more Source cves: CVE-2025-48976 Source advisory: OSV:GHSA-VV7R-C36W-3PRJ...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +15648 more potentially affected by CVE-2025-48976 via commons-fileupload:commons-fileupload (>=1.0 <=1.5)
commons-fileupload:commons-fileupload MAVEN version =1.0, =1.1, =0.0.1, =0.5.0, =0.6.0, =0.5.0, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.4, =0.8.7 and more Source cves: CVE-2025-48976 Source advisory: SNYK:JAVA-COMMONSFILEUPLOAD-10363252...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926), be.personify.iam:personify-frontend (>=1.5.4.RELEASE <=1.5.5.RELEASE) +1914 more potentially affected by CVE-2025-48976 via org.apache.commons:commons-fileupload2-core (>=2.0.0-M1 <=2.0.0-M3)
org.apache.commons:commons-fileupload2-core MAVEN version =2.0.0-M1, =55.v51410e712e0c, =1.5.4.RELEASE, =1.0.0, =0.0.15, =24.7.0, =24.7.0, =24.7.0, =24.7.0, =24.11.0, =24.7.0, =24.7.0, =24.7.0, =25.1.0, =3.0.1, =3.2.12 and more Source cves: CVE-2025-48976 Source advisory:...
GHSA-VV7R-C36W-3PRJ Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
DEBIAN-CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
UBUNTU-CVE-2025-48976
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976 Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976 Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...
CVE-2025-48976
CVE-2025-48976 is a DoS in Apache Commons FileUpload caused by allocation of resources for multipart headers with insufficient limits. Affected: 1.0 before 1.6 and 2.0.0-M1 before 2.0.0-M4. Impact: potential high-availability disruption. Remediation: upgrade to 1.6 or 2.0.0-M4 (as stated in multi...
CVE-2025-48988 Apache Tomcat: FileUpload large number of parts with headers DoS
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be...
Apache Commons FileUpload 安全漏洞
Apache Commons FileUpload is an Apache USA Foundation package that uploads files to Servlets and Web applications. A security vulnerability exists in Apache Commons FileUpload, which stems from an under-allocation of resources and could lead to a denial of service. The following versions are...
Malicious code in commons-fileupload (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 176e367d438eb3f5463d593e36cde70f38d1f86a0af240ea8669e0c8a25ed516 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...