Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-0050

Опубликовано: 01 апр. 2014
Источник: ubuntu
Приоритет: medium
EPSS Критический
CVSS2: 7.5

Описание

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

РелизСтатусПримечание
artful

not-affected

1.3.1-1
bionic

not-affected

1.3.1-1
cosmic

not-affected

1.3.1-1
devel

not-affected

1.3.1-1
disco

not-affected

1.3.1-1
esm-apps/bionic

not-affected

1.3.1-1
esm-apps/xenial

not-affected

1.3.1-1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
lucid

ignored

end of life
precise

ignored

end of life

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

not-affected

esm-infra-legacy/trusty

not-affected

lucid

not-affected

precise

not-affected

precise/esm

not-affected

Показывать по

РелизСтатусПримечание
artful

not-affected

7.0.52-1
bionic

not-affected

7.0.52-1
cosmic

not-affected

7.0.52-1
devel

DNE

disco

DNE

esm-apps/bionic

not-affected

7.0.52-1
esm-apps/xenial

not-affected

7.0.52-1
esm-infra-legacy/trusty

not-affected

7.0.52-1
lucid

DNE

precise

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 100%
0.92594
Критический

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-0050

redhat
больше 11 лет назад

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

nvd логотип

CVE-2014-0050

nvd
около 11 лет назад

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.

debian логотип

CVE-2014-0050

debian
около 11 лет назад

MultipartStream.java in Apache Commons FileUpload before 1.3.1, as use ...

github логотип

GHSA-xx68-jfcg-xmmf

github
больше 6 лет назад

Commons FileUpload Denial of service vulnerability

fstec логотип

BDU:2022-03337

CVSS3: 6.3
fstec
около 11 лет назад

Уязвимость файла MultipartStream.java библиотеки Apache Commons FileUpload, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 100%
0.92594
Критический

7.5 High

CVSS2

Уязвимость CVE-2014-0050