Search for packages
| purl | pkg:deb/debian/libcommons-fileupload-java@1.2.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hysp-vpze-aaaa
Aliases: CVE-2013-0248 GHSA-vm69-474v-7q2w |
/tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack. |
Affected by 1 other vulnerability. |
|
VCID-qcms-zybq-aaap
Aliases: CVE-2014-0050 GHSA-xx68-jfcg-xmmf |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-yqy8-6qrt-aaaa
Aliases: CVE-2013-2186 GHSA-qx6h-9567-5fqw |
Arbitrary file upload via deserialization The DiskFileItem class in this package allows remote attackers to write to arbitrary files via a `NULL` byte in a file name in a serialized instance. |
Affected by 4 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:10:48.166081+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:24:12.619312+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T14:16:44.978541+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:56:57.989546+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:28:32.816576+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:25:46.377071+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:33:00.672029+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:18:38.269560+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T09:06:09.829913+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.3 |
| 2025-06-21T00:24:20.335601+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.3 |
| 2025-06-20T19:48:09.149684+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.3 |
| 2025-06-20T19:33:27.970032+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.3 |
| 2025-06-20T19:28:33.042042+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.3 |
| 2025-06-08T13:05:15.772429+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:39:42.958675+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:53.019343+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:10:06.672199+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:51:08.758363+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:22:35.765791+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:26:51.109259+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:21:29.213985+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:06:27.336814+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-08T02:53:18.665897+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.1.0 |
| 2025-06-07T17:47:08.376402+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.1.0 |
| 2025-06-07T13:40:14.997815+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.0 |
| 2025-06-07T13:29:22.777209+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.1.0 |
| 2025-06-07T13:25:56.402889+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.0 |
| 2025-06-03T13:25:13.970333+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.1.2 |
| 2025-04-12T21:23:28.877318+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:52:47.009005+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:24:23.254908+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:37:26.263850+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:42:40.491329+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:23:36.707955+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:54:50.442791+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:58:04.265810+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:48:53.503996+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T01:33:41.159873+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-08T01:20:33.314145+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 36.0.0 |
| 2025-04-07T16:23:34.750724+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | None | 36.0.0 |
| 2025-04-07T12:15:36.445259+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.0.0 |
| 2025-04-07T12:04:51.029693+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | None | 36.0.0 |
| 2025-04-07T12:01:27.340227+00:00 | Debian Oval Importer | Affected by | VCID-qcms-zybq-aaap | None | 36.0.0 |
| 2024-11-29T15:13:07.130834+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T07:56:55.496238+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-15T07:56:54.767918+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.2 |
| 2024-10-14T21:53:35.755308+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T05:45:49.020088+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-10-05T05:45:48.326141+00:00 | Debian Oval Importer | Affected by | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 | 34.0.1 |
| 2024-09-21T12:42:38.753613+00:00 | Debian Oval Importer | Affected by | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |