The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.88529.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Redhat
  • Jboss Enterprise Brms Platform
  • Jboss Enterprise Portal Platform
  • Jboss Enterprise Soa Platform
  • Jboss Enterprise Web Server
  • Jboss Operations Network
  • Openshift
Ubuntu
  • Ubuntu

Configuration 1 [-]

OR cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_portal_platform:4.3.0:cp07:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_portal_platform:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*

Configuration 2 [-]

cpe:2.3:o:ubuntu:ubuntu:10.04:*:lts:*:*:*:*:*
Package CPE Advisory Released Date
JBoss Enterprise BRMS Platform 5.3
cpe:/a:redhat:jboss_enterprise_brms_platform:5.3.1 RHSA-2013:1430 2013-10-15T00:00:00Z
Red Hat JBoss Enterprise Web Server 1 for RHEL 5
jakarta-commons-fileupload-1:1.1.1-7.7.ep5.el5 cpe:/a:redhat:jboss_enterprise_web_server:1::el5 RHSA-2013:1428 2013-10-15T00:00:00Z
Red Hat JBoss Enterprise Web Server 1 for RHEL 6
jakarta-commons-fileupload-1:1.1.1-7.7.ep5.el6 cpe:/a:redhat:jboss_enterprise_web_server:1::el6 RHSA-2013:1428 2013-10-15T00:00:00Z
Red Hat JBoss Operations Network 3.1
cpe:/a:redhat:jboss_operations_network:3.1.2 RHSA-2013:1448 2013-10-21T00:00:00Z
Red Hat JBoss Portal 4.3
cpe:/a:redhat:jboss_enterprise_portal_platform:4.3.0:update7 RHSA-2013:1430 2013-10-15T00:00:00Z
Red Hat JBoss Portal 5.2
cpe:/a:redhat:jboss_enterprise_portal_platform:5.2.2 RHSA-2013:1430 2013-10-15T00:00:00Z
Red Hat JBoss Portal Platform 6.0
cpe:/a:redhat:jboss_enterprise_portal_platform:6.0.0 RHSA-2013:1430 2013-10-15T00:00:00Z
Red Hat JBoss SOA Platform 4.3
cpe:/a:redhat:jboss_enterprise_soa_platform:4.3.0:update5 RHSA-2013:1442 2013-10-17T00:00:00Z
Red Hat JBoss SOA Platform 5.3
cpe:/a:redhat:jboss_enterprise_soa_platform:5.3.1 RHSA-2013:1442 2013-10-17T00:00:00Z
Red Hat JBoss Web Server 1.0
cpe:/a:redhat:jboss_enterprise_web_server:1.0.2 RHSA-2013:1429 2013-10-15T00:00:00Z
Red Hat OpenShift Enterprise 3.1
atomic-openshift-0:3.1.1.6-1.git.0.b57e8bd.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
heapster-0:0.18.2-3.gitaf4752e.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
jenkins-0:1.625.3-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-align-text-0:0.1.3-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-ansi-green-0:0.1.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-ansi-wrap-0:0.1.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-anymatch-0:1.3.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-array-unique-0:0.2.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-arr-diff-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-arr-flatten-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-arrify-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-async-each-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-binary-extensions-0:1.3.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-braces-0:1.8.2-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-capture-stack-trace-0:1.0.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-chokidar-0:1.4.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-configstore-0:1.4.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-create-error-class-0:2.0.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-deep-extend-0:0.3.2-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-duplexer-0:0.1.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-duplexify-0:3.4.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-end-of-stream-0:1.1.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-error-ex-0:1.2.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-es6-promise-0:3.0.2-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-event-stream-0:3.3.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-expand-brackets-0:0.1.4-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-expand-range-0:1.8.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-extglob-0:0.3.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-filename-regex-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-fill-range-0:2.2.3-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-for-in-0:0.1.4-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-for-own-0:0.1.3-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-from-0:0.1.3-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-glob-base-0:0.3.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-glob-parent-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-got-0:5.2.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-graceful-fs-0:4.1.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-ini-0:1.1.0-6.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-binary-path-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-dotfile-0:1.0.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-equal-shallow-0:0.1.3-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-extendable-0:0.1.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-extglob-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-glob-0:2.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-npm-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-number-0:2.1.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-isobject-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-plain-obj-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-primitive-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-redirect-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-is-stream-0:1.0.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-kind-of-0:3.0.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-latest-version-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lazy-cache-0:1.0.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.assign-0:3.2.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.baseassign-0:3.2.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.basecopy-0:3.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.bindcallback-0:3.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.createassigner-0:3.1.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.defaults-0:3.1.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.getnative-0:3.9.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.isarguments-0:3.0.4-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.isarray-0:3.0.4-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.isiterateecall-0:3.0.9-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.keys-0:3.1.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lodash.restparam-0:3.6.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-lowercase-keys-0:1.0.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-map-stream-0:0.1.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-micromatch-0:2.3.5-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-mkdirp-0:0.5.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-nodemon-0:1.8.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-node-status-codes-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-normalize-path-0:2.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-object-assign-0:4.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-object.omit-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-optimist-0:0.4.0-5.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-osenv-0:0.1.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-os-homedir-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-os-tmpdir-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-package-json-0:2.3.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-parse-glob-0:3.0.4-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-parse-json-0:2.2.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-pause-stream-0:0.0.11-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-pinkie-0:2.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-pinkie-promise-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-prepend-http-0:1.0.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-preserve-0:0.2.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-ps-tree-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-randomatic-0:1.1.5-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-rc-0:1.1.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-read-all-stream-0:3.0.1-3.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-readdirp-0:2.0.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-regex-cache-0:0.4.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-registry-url-0:3.0.3-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-repeat-element-0:1.1.2-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-semver-0:5.1.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-semver-diff-0:2.1.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-slide-0:1.1.5-3.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-split-0:0.3.3-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-stream-combiner-0:0.2.1-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-string-length-0:1.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-strip-json-comments-0:1.0.2-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-success-symbol-0:0.1.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-through-0:2.3.4-4.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-timed-out-0:2.0.0-3.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-touch-0:1.0.0-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-undefsafe-0:0.0.3-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-unzip-response-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-update-notifier-0:0.6.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-url-parse-lax-0:1.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-uuid-0:2.0.1-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-write-file-atomic-0:1.1.2-2.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nodejs-xdg-basedir-0:2.0.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
nss_wrapper-0:1.0.3-1.el7 cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
openshift-ansible-0:3.0.35-1.git.0.6a386dd.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
openvswitch-0:2.4.0-1.el7 cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z
origin-kibana-0:0.5.0-1.el7aos cpe:/a:redhat:openshift:3.1::el7 RHSA-2016:0070 2016-01-26T00:00:00Z

No data.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-2827-1 libcommons-fileupload-java security update
Github GHSA Github GHSA GHSA-qx6h-9567-5fqw Arbitrary file write in Apache Commons Fileupload
Ubuntu USN Ubuntu USN USN-2029-1 Apache Commons FileUpload vulnerability
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1428.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1429.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1430.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1442.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1448.html cve-icon cve-icon
http://secunia.com/advisories/55716 cve-icon cve-icon
http://ubuntu.com/usn/usn-2029-1 cve-icon cve-icon
http://www.debian.org/security/2013/dsa-2827 cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html cve-icon cve-icon
http://www.securityfocus.com/bid/63174 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2016:0070 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/88133 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-2186 cve-icon
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-2186 cve-icon
https://www.tenable.com/security/research/tra-2016-23 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-06T15:27:40.996Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2186

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2013-10-28T21:55:05.157

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-2186

cve-icon Redhat

Severity : Important

Publid Date: 2013-10-15T00:00:00Z

Links: CVE-2013-2186 - Bugzilla

cve-icon OpenCVE Enrichment

No data.