Search for packages
| purl | pkg:deb/debian/libcommons-fileupload-java@1.0-14 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hysp-vpze-aaaa
Aliases: CVE-2013-0248 GHSA-vm69-474v-7q2w |
/tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack. |
Affected by 1 other vulnerability. |
|
VCID-qcms-zybq-aaap
Aliases: CVE-2014-0050 GHSA-xx68-jfcg-xmmf |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-yqy8-6qrt-aaaa
Aliases: CVE-2013-2186 GHSA-qx6h-9567-5fqw |
Arbitrary file upload via deserialization The DiskFileItem class in this package allows remote attackers to write to arbitrary files via a `NULL` byte in a file name in a serialized instance. |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:10:48.163259+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:24:12.616748+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T14:16:44.975638+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:56:57.987829+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:28:32.814909+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:25:46.375154+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:33:00.669940+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:38.267445+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:06:09.827423+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T00:24:20.333767+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.3 |
| 2025-06-20T19:48:09.147802+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.3 |
| 2025-06-20T19:33:27.968051+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.3 |
| 2025-06-20T19:28:33.039324+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.3 |
| 2025-06-08T13:05:15.770915+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:39:42.957167+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:53.017796+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:10:06.670671+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:51:08.756645+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:22:35.763991+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:26:51.107685+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:21:29.212153+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:27.335172+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:53:18.664232+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T17:47:08.374865+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.0 |
| 2025-06-07T13:40:14.996269+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.0 |
| 2025-06-07T13:29:22.775674+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.0 |
| 2025-06-07T13:25:56.401321+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.0 |
| 2025-06-03T13:25:13.968275+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.2 |
| 2025-04-12T21:23:28.872760+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:52:47.004079+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:24:23.249738+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:37:26.259084+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:42:40.486023+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:23:36.702992+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:54:50.437651+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:58:04.260833+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:48:53.499034+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:41.154503+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:20:33.309277+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T16:23:34.745943+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.0.0 |
| 2025-04-07T12:15:36.439853+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.0.0 |
| 2025-04-07T12:04:51.024765+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.0.0 |
| 2025-04-07T12:01:27.334860+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.0.0 |
| 2024-11-29T15:13:07.126087+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T07:56:55.491428+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-15T07:56:54.763047+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.2 |
| 2024-10-14T21:53:35.750340+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T05:45:49.015603+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-10-05T05:45:48.320848+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.1 |
| 2024-09-21T12:42:38.747399+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |