VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Apache
>
Commons Fileupload
> 1.4
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-02-20
CVE-2023-24998
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.
network
low complexity
apache
debian
7.5
7.5