Search for packages
| purl | pkg:deb/debian/libcommons-fileupload-java@1.3.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-hysp-vpze-aaaa | /tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack. |
CVE-2013-0248
GHSA-vm69-474v-7q2w |
| VCID-qcms-zybq-aaap | High severity vulnerability that affects commons-fileupload:commons-fileupload |
CVE-2014-0050
GHSA-xx68-jfcg-xmmf |
| VCID-yqy8-6qrt-aaaa | Arbitrary file upload via deserialization The DiskFileItem class in this package allows remote attackers to write to arbitrary files via a `NULL` byte in a file name in a serialized instance. |
CVE-2013-2186
GHSA-qx6h-9567-5fqw |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:10:48.173547+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:24:12.629961+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T14:16:44.987431+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:56:57.994887+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:28:32.822330+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:25:46.384422+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T09:33:00.678549+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T00:24:20.341797+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | None | 36.1.3 |
| 2025-06-20T21:53:45.254269+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | None | 36.1.3 |
| 2025-06-20T19:51:55.375284+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | None | 36.1.3 |
| 2025-06-20T19:48:09.154786+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.3 |
| 2025-06-08T13:05:15.776972+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:39:42.963200+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:54:53.023910+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:10:06.677268+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:51:08.763483+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:22:35.771191+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:26:51.115000+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T03:21:29.219431+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T17:47:08.381017+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | None | 36.1.0 |
| 2025-06-07T15:17:06.607794+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | None | 36.1.0 |
| 2025-06-07T13:43:21.441408+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | None | 36.1.0 |
| 2025-06-07T13:40:15.002311+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.1.0 |
| 2025-04-12T21:23:28.892028+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:52:47.023688+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:24:23.269909+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:37:26.278554+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T05:42:40.506314+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:23:36.722943+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:54:50.457793+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:58:04.280342+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T01:48:53.518963+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T16:23:34.765683+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | None | 36.0.0 |
| 2025-04-07T13:48:37.602779+00:00 | Debian Oval Importer | Fixing | VCID-qcms-zybq-aaap | None | 36.0.0 |
| 2025-04-07T12:18:38.974259+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | None | 36.0.0 |
| 2025-04-07T12:15:36.461408+00:00 | Debian Oval Importer | Affected by | VCID-qmjs-369r-aaar | None | 36.0.0 |
| 2024-11-29T15:13:07.145440+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T07:56:55.510550+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T21:53:35.770154+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T05:45:49.034758+00:00 | Debian Oval Importer | Fixing | VCID-yqy8-6qrt-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T12:42:38.772190+00:00 | Debian Oval Importer | Fixing | VCID-hysp-vpze-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |