Commons-fileupload:commons-fileupload
This hub aggregates every CVE we track for Commons-fileupload:commons-fileupload, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
7
CVEs tracked
1
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5LOW1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 7 most recently published vulnerabilities affecting Commons-fileupload:commons-fileupload.
- CVE-2025-48976Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers7.5
- CVE-2023-24998Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive parts7.5
- CVE-2016-1000031Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution9.8
- CVE-2016-3092The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, a...7.5
- CVE-2014-0050MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU ...7.5
- CVE-2013-2186The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to writ...7.5
- CVE-2013-0248The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary...3.3
Product normalization is registry-driven with AI assist and human review. How it works