3 matches found
Spring Framework DoS with Multipart Temp Files in WebFlux
A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are...
CVE-2026-22740
The CVE-2026-22740 issue affects Spring Framework WebFlux multipart request handling. The root cause is cleanup of temporary files created for parts larger than 10 KB, which in some cases are not deleted after the request completes, enabling an attacker to exhaust disk space (Denial of Service). ...
PT-2026-35899
Name of the Vulnerable Software and Affected Versions WebFlux server application affected versions not specified Description A WebFlux server application that processes multipart requests creates temporary files for parts larger than 10 K. Under certain conditions, these temporary files may not b...