CVE-2023-24998

Data: 2023-02-22

Severity: High

CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Riferimenti: https://nvd.nist.gov/vuln/detail/CVE-2023-24998

Libreria: commons-fileupload:commons-fileupload <= 1.4

Descrizione

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.

GovWay

Versione affette: <= 3.3.10

Risoluzione: 3.3.11