Apache Commons FileUpload DoS Vulnerability


    • Type: Bug
    • Resolution: Fixed
    • Priority: Major
    • 10.3.0, 10.1.1, 10.0.3, 10.2.1
    • Affects Version/s: 10.2.0, 10.3.0, 10.1.1, 10.0.3, 10.2.1
    • Component/s: None
    • None

      CVE-2025-48976: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.

       

      Workaround: If you are on an older version, you can set a safe Apache Commons FileUpload version in your pom file to avoid this issue.
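A check that the version set in the pom actually reached the resolved dependency set, added here as an example and not part of the original issue: it reads `mvn dependency:list` output and classifies each Commons FileUpload artifact against the affected ranges quoted above. The sample lines are constructed, and the group ids and the `commons-fileupload` artifact-id prefix used for matching are assumptions of this example.

```python
import re

RELEASE = 10**6  # milestone rank for a version with no -M<n> qualifier
# Assumption: FileUpload artifacts are published under these group ids.
GROUPS = ("commons-fileupload", "org.apache.commons")

def version_key(version):
    """Return (major, minor, patch, milestone), or None for an unrecognised form."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-M(\d+))?", version)
    if not m:
        return None
    major, minor, patch, ms = m.groups()
    return (int(major), int(minor), int(patch or 0), int(ms) if ms else RELEASE)

def classify(version):
    """Apply the advisory's ranges: 1.0 before 1.6, and 2.0.0-M1 before 2.0.0-M4."""
    key = version_key(version)
    if key is None:
        return "unknown"  # e.g. SNAPSHOT builds: review by hand
    if (1, 0, 0, 0) <= key < (1, 6, 0, 0):
        return "affected"
    if (2, 0, 0, 1) <= key < (2, 0, 0, 4):
        return "affected"
    return "not affected"

def scan(lines):
    """Return (coordinate, version, verdict) for each FileUpload artifact found."""
    findings = []
    for line in lines:
        for token in line.split():
            # group:artifact:type[:classifier]:version:scope
            parts = token.split(":")
            if len(parts) not in (5, 6):
                continue
            if parts[0] in GROUPS and parts[1].startswith("commons-fileupload"):
                version = parts[-2]
                findings.append((":".join(parts[:2]), version, classify(version)))
    return findings

# Constructed sample of `mvn dependency:list` output, not taken from a real build.
SAMPLE = """\
[INFO]    commons-fileupload:commons-fileupload:jar:1.5:compile
[INFO]    org.apache.commons:commons-fileupload2-core:jar:2.0.0-M2:compile
[INFO]    commons-io:commons-io:jar:2.16.1:compile
[INFO]    commons-fileupload:commons-fileupload:jar:1.6.0:runtime
""".splitlines()

if __name__ == "__main__":
    for coordinate, version, verdict in scan(SAMPLE):
        print(f"{coordinate} {version}: {verdict}")
```

Transitive copies pulled in by other libraries show up in the same listing, so an "affected" line after the pom change means the new version did not override that path.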

            Assignee:
            jamson
            Reporter:
            jeanher
            Votes:
            0
            Watchers:
            2

              Created:
              Updated:
              Resolved: