Commons Fileupload

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-48976 HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java Commons Fileupload Redhat +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-48976
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apache Commons FileUpload contains a Denial of Service vulnerability in multipart header processing due to insufficient resource allocation limits (CWE-770). Affected versions are 1.0 through 1.5.x and 2.0.0-M1 through 2.0.0-M3. An unauthenticated remote attacker can exploit this with a network request to cause resource exhaustion and service unavailability without requiring user interaction or elevated privileges. CVSS 7.5 (High) reflects the high availability impact; KEV and EPSS data availability would determine exploitation likelihood in the wild.

Apache Denial Of Service Java +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy