ALAS-2023-1738 --- tomcat7ID: oval:org.secpod.oval:def:1601693 | Date: (C)2023-05-08 (M)2024-05-09 |
Class: PATCH | Family: unix |
Tomcat: Memory leak Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option is not enabled by default and must be explicitly configured
Platform: |
Amazon Linux AMI |