Description
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2019-2939 Vulnerability (CVE-2019-2939)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-7659)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15110)
Django Improper Access Control Vulnerability (CVE-2016-2048)
WordPress Plugin Contact Form Email Cross-Site Scripting (1.1.87)