Vulnerabilities > Apache > Commons Fileupload > 1.3.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-20 | CVE-2023-24998 | Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured. | 7.5 |
| 2016-10-25 | CVE-2016-1000031 | Improper Access Control vulnerability in Apache Commons Fileupload Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution | 9.8 |