VulnerableCode Package Details - pkg:ebuild/dev-java/commons-fileupload@1.3

Search for packages

Vulnerability	Summary	Fixed by
VCID-hysp-vpze-aaaa Aliases: CVE-2013-0248 GHSA-vm69-474v-7q2w	/tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.	There are no reported fixed by versions.
VCID-qcms-zybq-aaap Aliases: CVE-2014-0050 GHSA-xx68-jfcg-xmmf	High severity vulnerability that affects commons-fileupload:commons-fileupload	There are no reported fixed by versions.
VCID-qmjs-369r-aaar Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq	High severity vulnerability that affects commons-fileupload:commons-fileupload	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-hysp-vpze-aaaa
Aliases:
CVE-2013-0248
GHSA-vm69-474v-7q2w

/tmp directory used by default for uploaded files The default configuration of `javax.servlet.context.tempdir` in this package uses the `/tmp` directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.

There are no reported fixed by versions.

VCID-qcms-zybq-aaap
Aliases:
CVE-2014-0050
GHSA-xx68-jfcg-xmmf

High severity vulnerability that affects commons-fileupload:commons-fileupload

There are no reported fixed by versions.

VCID-qmjs-369r-aaar
Aliases:
CVE-2016-3092
GHSA-fvm3-cfvj-gxqq

High severity vulnerability that affects commons-fileupload:commons-fileupload

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:01:53.746036+00:00	Gentoo Importer	Affected by	VCID-qmjs-369r-aaar	https://security.gentoo.org/glsa/202107-39	36.0.0
2025-03-28T13:01:53.732842+00:00	Gentoo Importer	Affected by	VCID-qcms-zybq-aaap	https://security.gentoo.org/glsa/202107-39	36.0.0
2025-03-28T13:01:53.719341+00:00	Gentoo Importer	Affected by	VCID-hysp-vpze-aaaa	https://security.gentoo.org/glsa/202107-39	36.0.0
2024-09-18T07:56:01.728216+00:00	Gentoo Importer	Affected by	VCID-qmjs-369r-aaar	https://security.gentoo.org/glsa/202107-39	34.0.1
2024-09-18T07:56:01.715385+00:00	Gentoo Importer	Affected by	VCID-qcms-zybq-aaap	https://security.gentoo.org/glsa/202107-39	34.0.1
2024-09-18T07:56:01.702864+00:00	Gentoo Importer	Affected by	VCID-hysp-vpze-aaaa	https://security.gentoo.org/glsa/202107-39	34.0.1
2024-01-04T02:00:42.721317+00:00	Gentoo Importer	Affected by	VCID-qmjs-369r-aaar	https://security.gentoo.org/glsa/202107-39	34.0.0rc1
2024-01-04T02:00:42.709091+00:00	Gentoo Importer	Affected by	VCID-qcms-zybq-aaap	https://security.gentoo.org/glsa/202107-39	34.0.0rc1
2024-01-04T02:00:42.696892+00:00	Gentoo Importer	Affected by	VCID-hysp-vpze-aaaa	https://security.gentoo.org/glsa/202107-39	34.0.0rc1