virus logo Endpoint Vulnerability

Apache Commons FileUpload Denial of Service Vulnerability

description-logoDescription

Apache Commons FileUpload versions before 1.5 lack a limit on request parts, allowing attackers to trigger a denial-of-service via malicious uploads; the new FileUploadBase#setFileCountMax option is disabled by default.

affected-products-logoAffected Applications

Apache Commons FileUpload

Version Updates

Date Version Status Detail
2025-06-20 1.00868
Modified
 Apache Commons FileUpload
2023-07-06 1.00495
New
 Apache Commons FileUpload

References

https://github.com/advisories/GHSA-hfrx-6qgj-fp6c
ID 5185
Created Jul 06, 2023
Description
Updated		 Jan 16, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Apache
Patch manual
Application Apache Commons FileUpload