CVE-2016-1000031
published 2016-10-25CVE-2016-1000031: Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | commons_fileupload | <= 1.3.2 | — |
| debian | libcommons-fileupload-java | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL