Description
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-3062 Vulnerability (CVE-2018-3062)
CubeCart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3724)
Oracle Database Server CVE-2010-0854 Vulnerability (CVE-2010-0854)
WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3)
Lighttpd NULL Pointer Dereference Vulnerability (CVE-2022-37797)