CVSS: 7.8EPSS: 43%CPEs: 94EXPL: 0CVE-2016-3092 – tomcat: Usage of vulnerable FileUpload package can result in denial of service
https://notcve.org/view.php?id=CVE-2016-3092
30 Jun 2016 — The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string. La clase MultipartStream en Apache Commons Fileupload en versiones anteriores a 1.3.2, tal como se utiliza en Apache Tomcat 7.x en versiones anteriores a 7.0.70, 8.x en versiones anteriores a 8.0.36, 8.5.x en versione... • http://jvn.jp/en/jp/JVN89379547/index.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2600 – HP Security Bulletin HPSBGN02986
https://notcve.org/view.php?id=CVE-2014-2600
05 Apr 2014 — Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP IceWall Identity Manager 4.0 hasta SP1 y 5.0 y la opción de restablecimiento de contraseña de IceWall SSO 10.0, cuando Apache Commons FileUpload es utilizado, permite a usuarios remotos autenticados causar una denegación de se... • http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04214298 •