Severity: important Affected versions:
- Apache Commons FileUpload (commons-fileupload:commons-fileupload) 1.0 before 1.6 - Apache Commons FileUpload (org.apache.commons:commons-fileupload2) 2.0.0-M1 before 2.0.0-M4 Description: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue. Credit: TERASOLUNA Framework Security Team of NTT DATA Group Corporation (finder) References: https://commons.apache.org/ https://www.cve.org/CVERecord?id=CVE-2025-48976
