7.5
CVE-2014-0050
- EPSS 92.88%
- Veröffentlicht 01.04.2014 06:27:51
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Retail Applications Version12.0
Oracle ≫ Retail Applications Version12.0in
Oracle ≫ Retail Applications Version13.0
Oracle ≫ Retail Applications Version13.1
Oracle ≫ Retail Applications Version13.2
Oracle ≫ Retail Applications Version13.3
Oracle ≫ Retail Applications Version13.4
Oracle ≫ Retail Applications Version14.0
Apache ≫ Commons Fileupload Version <= 1.3
Apache ≫ Commons Fileupload Version1.0
Apache ≫ Commons Fileupload Version1.1
Apache ≫ Commons Fileupload Version1.1.1
Apache ≫ Commons Fileupload Version1.2
Apache ≫ Commons Fileupload Version1.2.1
Apache ≫ Commons Fileupload Version1.2.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 92.88% | 0.998 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|