Description
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Remediation
References
Related Vulnerabilities
Apache version older than 1.3.34
WordPress Plugin Word Balloon Cross-Site Scripting (4.19.2)
Apache Tomcat Improperly Implemented Security Check for Standard Vulnerability (CVE-2017-15706)
Oracle JRE CVE-2013-2471 Vulnerability (CVE-2013-2471)
Oracle Database Server CVE-2012-0534 Vulnerability (CVE-2012-0534)