Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| commons-fileupload:commons-fileupload(Maven) | 1.0 | 1.6.0 | N/A |
| org.apache.commons:commons-fileupload2-core(Maven) | 2.0.0-M1 | 2.0.0-M4 | N/A |
CVSS Metrics
