ALT-PU-2016-3250-1
Package apache-commons-fileupload updated to version 1.3.2-alt1_1jpp8 for branch sisyphus in task 174742.
Closed vulnerabilities
Published: 2016-07-05
BDU:2016-01698
Уязвимость библиотеки Сommons FileUpload, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8)
References:
Published: 2016-07-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-3092
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- JVN#89379547
- JVN#89379547
- JVNDB-2016-000121
- JVNDB-2016-000121
- openSUSE-SU-2016:2252
- openSUSE-SU-2016:2252
- [dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability
- [dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability
- RHSA-2016:2068
- RHSA-2016:2068
- RHSA-2016:2069
- RHSA-2016:2069
- RHSA-2016:2070
- RHSA-2016:2070
- RHSA-2016:2071
- RHSA-2016:2071
- RHSA-2016:2072
- RHSA-2016:2072
- RHSA-2016:2599
- RHSA-2016:2599
- RHSA-2016:2807
- RHSA-2016:2807
- RHSA-2016:2808
- RHSA-2016:2808
- RHSA-2017:0457
- RHSA-2017:0457
- http://svn.apache.org/viewvc?view=revision&revision=1743480
- http://svn.apache.org/viewvc?view=revision&revision=1743480
- http://svn.apache.org/viewvc?view=revision&revision=1743722
- http://svn.apache.org/viewvc?view=revision&revision=1743722
- http://svn.apache.org/viewvc?view=revision&revision=1743738
- http://svn.apache.org/viewvc?view=revision&revision=1743738
- http://svn.apache.org/viewvc?view=revision&revision=1743742
- http://svn.apache.org/viewvc?view=revision&revision=1743742
- http://tomcat.apache.org/security-7.html
- http://tomcat.apache.org/security-7.html
- http://tomcat.apache.org/security-8.html
- http://tomcat.apache.org/security-8.html
- http://tomcat.apache.org/security-9.html
- http://tomcat.apache.org/security-9.html
- DSA-3609
- DSA-3609
- DSA-3611
- DSA-3611
- DSA-3614
- DSA-3614
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- 91453
- 91453
- 1036427
- 1036427
- 1036900
- 1036900
- 1037029
- 1037029
- 1039606
- 1039606
- USN-3024-1
- USN-3024-1
- USN-3027-1
- USN-3027-1
- RHSA-2017:0455
- RHSA-2017:0455
- RHSA-2017:0456
- RHSA-2017:0456
- https://bugzilla.redhat.com/show_bug.cgi?id=1349468
- https://bugzilla.redhat.com/show_bug.cgi?id=1349468
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759
- [tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
- [tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
- [tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
- [tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
- [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
- [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
- GLSA-201705-09
- GLSA-201705-09
- GLSA-202107-39
- GLSA-202107-39
- https://security.netapp.com/advisory/ntap-20190212-0001/
- https://security.netapp.com/advisory/ntap-20190212-0001/
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html