Описание
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.3.2-1 |
| bionic | not-affected | 1.3.2-1 |
| cosmic | not-affected | 1.3.2-1 |
| devel | not-affected | 1.3.2-1 |
| disco | not-affected | 1.3.2-1 |
| eoan | not-affected | 1.3.2-1 |
| esm-apps/bionic | not-affected | 1.3.2-1 |
| esm-apps/focal | not-affected | 1.3.2-1 |
| esm-apps/jammy | not-affected | 1.3.2-1 |
| esm-apps/noble | not-affected | 1.3.2-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | not-affected | 6.0.39-1ubuntu0.1+esm1 |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 7.0.70-1 |
| bionic | not-affected | 7.0.70-1 |
| cosmic | not-affected | 7.0.70-1 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 7.0.70-1 |
| esm-apps/xenial | released | 7.0.68-1ubuntu0.1 |
| esm-infra-legacy/trusty | not-affected | 7.0.52-1ubuntu0.6 |
| esm-infra/focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 8.0.36-1 |
| bionic | not-affected | 8.0.36-1 |
| cosmic | not-affected | 8.0.36-1 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | not-affected | 8.0.36-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | not-affected | 8.0.32-1ubuntu1.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | not-affected | 9.0.16-3~18.04.1 |
| cosmic | not-affected | 9.0.16-3~18.10 |
| devel | not-affected | 9.0.16-3 |
| disco | not-affected | 9.0.16-3 |
| eoan | not-affected | 9.0.16-3 |
| esm-apps/bionic | not-affected | 9.0.16-3~18.04.1 |
| esm-apps/focal | not-affected | 9.0.16-3 |
| esm-apps/jammy | not-affected | 9.0.16-3 |
| esm-apps/noble | not-affected | 9.0.16-3 |
Показывать по
EPSS
7.8 High
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
The MultipartStream class in Apache Commons Fileupload before 1.3.2, a ...
High severity vulnerability that affects commons-fileupload:commons-fileupload
Уязвимость библиотеки Сommons FileUpload, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.8 High
CVSS2
7.5 High
CVSS3