Search for vulnerabilities
Vulnerability details: VCID-tkcj-p17z-6fe3
Vulnerability ID VCID-tkcj-p17z-6fe3
Aliases CVE-2013-2186
GHSA-qx6h-9567-5fqw
Summary
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-20 Improper Input Validation
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-626 Null Byte Interaction Error (Poison Null Byte)
System Score Found at
generic_textual HIGH http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html
generic_textual HIGH http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html
generic_textual HIGH http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2013-1448.html
generic_textual HIGH https://access.redhat.com/errata/RHSA-2016:0070
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
epss 0.90172 https://api.first.org/data/v1/epss?cve=CVE-2013-2186
generic_textual HIGH https://exchange.xforce.ibmcloud.com/vulnerabilities/88133
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-qx6h-9567-5fqw
generic_textual HIGH https://github.com/apache/commons-fileupload
generic_textual HIGH https://github.com/apache/commons-fileupload/blob/master/RELEASE-NOTES.txt
generic_textual HIGH https://github.com/apache/commons-fileupload/commit/163a6061fbc077d4b6e4787d26857c2baba495d1
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2013-2186
generic_textual HIGH https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
generic_textual HIGH https://www.tenable.com/security/research/tra-2016-23
generic_textual HIGH http://ubuntu.com/usn/usn-2029-1
generic_textual HIGH http://www.debian.org/security/2013/dsa-2827
generic_textual HIGH http://www.securityfocus.com/bid/63174
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html
http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html
http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html
http://rhn.redhat.com/errata/RHSA-2013-1448.html
https://access.redhat.com/errata/RHSA-2016:0070
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2186.json
https://api.first.org/data/v1/epss?cve=CVE-2013-2186
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2186
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186
https://exchange.xforce.ibmcloud.com/vulnerabilities/88133
https://github.com/apache/commons-fileupload
https://github.com/apache/commons-fileupload/blob/master/RELEASE-NOTES.txt
https://github.com/apache/commons-fileupload/commit/163a6061fbc077d4b6e4787d26857c2baba495d1
https://nvd.nist.gov/vuln/detail/CVE-2013-2186
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
https://www.tenable.com/security/research/tra-2016-23
http://ubuntu.com/usn/usn-2029-1
http://www.debian.org/security/2013/dsa-2827
http://www.securityfocus.com/bid/63174
726601 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726601
974814 https://bugzilla.redhat.com/show_bug.cgi?id=974814
CVE-2013-2186 https://access.redhat.com/security/cve/CVE-2013-2186
GHSA-qx6h-9567-5fqw https://github.com/advisories/GHSA-qx6h-9567-5fqw
RHSA-2013:1428 https://access.redhat.com/errata/RHSA-2013:1428
RHSA-2013:1429 https://access.redhat.com/errata/RHSA-2013:1429
RHSA-2013:1430 https://access.redhat.com/errata/RHSA-2013:1430
RHSA-2013:1442 https://access.redhat.com/errata/RHSA-2013:1442
RHSA-2013:1448 https://access.redhat.com/errata/RHSA-2013:1448
USN-2029-1 https://usn.ubuntu.com/2029-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99564
EPSS Score 0.90172
Published At Aug. 9, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T07:58:47.885204+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 37.0.0