CNNVD-202506-1896 Information
CNNVD ID
CNNVD-202506-1896
Related CVE
- CNNVD Published: 2025-06-16
Description (Chinese)
Apache Commons FileUpload是美国阿帕奇(Apache)基金会的一个可将文件上传到Servlet和Web应用程序的软件包。 Apache Commons FileUpload 存在安全漏洞,该漏洞源于资源分配不足,可能导致拒绝服务。以下版本受到影响:1.0至1.6之前版本和2.0.0-M1至2.0.0-M4之前版本。
Description (English)
Apache Commons FileUpload is a software package for uploading documents to the Servlet and Web applications of the Apache Foundation in the United States. There is a security loophole in Apache Commons FileUpload, which stems from inadequate resource allocation and may lead to the denial of services. The following versions were affected: pre-version 1.0 to 1.6 and pre-version 2.0-M1 to 2.0.0-M4.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-06-16
Last Modified
2026-02-24
References
http://www.openwall.com/lists/oss-security/2025/06/16/4 https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12 https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2025-48976
Patch
https://commons.apache.org/fileupload/download_fileupload.cgi
Share on: