Search for packages
| purl | pkg:deb/debian/libcommons-fileupload-java@1.0-12 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hysp-vpze-aaaa
Aliases: CVE-2013-0248 GHSA-vm69-474v-7q2w |
/tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack. |
Affected by 1 other vulnerability. |
|
VCID-qcms-zybq-aaap
Aliases: CVE-2014-0050 GHSA-xx68-jfcg-xmmf |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-yqy8-6qrt-aaaa
Aliases: CVE-2013-2186 GHSA-qx6h-9567-5fqw |
Arbitrary file upload via deserialization The DiskFileItem class in this package allows remote attackers to write to arbitrary files via a `NULL` byte in a file name in a serialized instance. |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:10:48.160857+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:24:12.613937+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T14:16:44.972714+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:56:57.985907+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:28:32.813158+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:25:46.373184+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:33:00.667971+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:38.264626+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:06:09.825042+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T00:24:20.331857+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.3 |
| 2025-06-20T19:48:09.145226+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.3 |
| 2025-06-20T19:33:27.966002+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.3 |
| 2025-06-20T19:28:33.036589+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.3 |
| 2025-06-08T13:05:15.769289+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:39:42.955566+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:53.016134+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:10:06.668883+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:51:08.754887+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:22:35.762112+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:26:51.105962+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:21:29.210277+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:27.333537+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:53:18.662419+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T17:47:08.373158+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.0 |
| 2025-06-07T13:40:14.994632+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.0 |
| 2025-06-07T13:29:22.773974+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.0 |
| 2025-06-07T13:25:56.399652+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.0 |
| 2025-06-03T13:25:13.966531+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.2 |
| 2025-04-12T21:23:28.868357+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:52:46.999103+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:24:23.244457+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:37:26.254712+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:42:40.480784+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:23:36.697877+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:54:50.432381+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:58:04.255626+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:48:53.493912+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:41.148896+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:20:33.304159+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T16:23:34.741598+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.0.0 |
| 2025-04-07T12:15:36.434974+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.0.0 |
| 2025-04-07T12:04:51.019901+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.0.0 |
| 2025-04-07T12:01:27.330091+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.0.0 |
| 2024-11-29T15:13:07.121505+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T07:56:55.487101+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-15T07:56:54.758058+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.2 |
| 2024-10-14T21:53:35.745285+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T05:45:49.011237+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-10-05T05:45:48.315351+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.1 |
| 2024-09-21T12:42:38.741068+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |