Homepage

commons-fileupload:commons-fileupload@1.4 vulnerabilities

  • latest version

    1.5

  • latest non vulnerable version

    1.5

  • first published

    19 years ago

  • latest version published

    2 years ago

  • licenses detected

  • package registry

    View on Maven Central Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the commons-fileupload:commons-fileupload package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Denial of Service (DoS)

    commons-fileupload:commons-fileupload is a component that provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

    Affected versions of this package are vulnerable to Denial of Service (DoS) when an attacker sends a large number of request parts in a series of uploads or a single multipart upload.

    NOTE: After upgrading to the fixed version, the setFileCountMax() must be explicitly set to avoid this vulnerability.

    How to fix Denial of Service (DoS)?

    Upgrade commons-fileupload:commons-fileupload to version 1.5 or higher.

    [1.0-beta-1,1.5)
    Go back to all versions of this package