Denial of Service Vulnerability in Apache Commons Fileupload

Denial of Service Vulnerability in Apache Commons Fileupload

CVE-2016-3092 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

Learn more about our Cis Benchmark Audit For Apache Http Server.