Apache: >> Commons Fileupload >> 1.3.2 Security Vulnerabilities
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.
Note that, like all of the file upload limits, the
new configuration option (FileUploadBase#setFileCountMax) is not
enabled by default and must be explicitly configured.
CVSS Score
7.5
EPSS Score
0.411
Published
2023-02-20
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
CVSS Score
9.8
EPSS Score
0.559
Published
2016-10-25