CVE-2025-48976
Essential information
- Published
- 16/06/2025 15:15
- Modified
- 16/06/2025 20:15
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload.
This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4.
Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| apache / commons fileupload | cpe:2.3:a:apache:commons_fileupload:<1.6:*:*:*:*:*:*:* |
| apache / commons fileupload | cpe:2.3:a:apache:commons_fileupload:<2.0.0-M4:*:*:*:*:*:*:* |
| apache / commons fileupload | cpe:2.3:a:apache:commons_fileupload:1.6:*:*:*:*:*:*:* |
| apache / commons fileupload | cpe:2.3:a:apache:commons_fileupload:2.0.0-M4:*:*:*:*:*:*:* |