[UPDATE] [mittel] Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service

Kurzinfo

Metadaten

Original (extern): Link oeffnen
Veroeffentlicht: 2026-05-13 08:00 UTC
Importiert: 2026-05-15 04:48 UTC
Quelle-ID: cert_bund
uid_hash: 94737fe51fd963ae7fb6d7510363bdb5742f7d9d2eedb6a96ca1cdc30b595581

CERT-Bund (BSI)

Inhalt

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Commons FileUpload ausnutzen, um einen Denial of Service Angriff durchzuführen.

Verknuepfte CVEs

CVE-ID	CVE-Schwere	CVSS (CVE.org)	EPSS	EPSS-Pctl	Veroeffentlicht (CVE.org)
CVE-2025-48976	-	-	-	-

Externe Referenzen

Bezeichnung	Typ	CVE	Quelle
PoC CVE-2025-48988 & CVE-2025-48976 vom 2025-06-20	POC	-	wid_csaf
Red Hat Security Advisory RHSA-2025:11695 vom 2025-07-28	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:11696 vom 2025-07-28	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:11741 vom 2025-07-30	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:11742 vom 2025-07-30	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14177 vom 2025-08-20	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14178 vom 2025-08-20	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14179 vom 2025-08-20	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14180 vom 2025-08-21	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14181 vom 2025-08-20	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14182 vom 2025-08-20	VENDOR	-	wid_csaf
Red Hat Security Advisory RHSA-2025:14183 vom 2025-08-20	VENDOR	-	wid_csaf
Amazon Linux Security Advisory ALAS2-2025-2920 vom 2025-07-10	EXTERNAL	-	wid_csaf
Amazon Linux Security Advisory ALAS2TOMCAT9-2025-020 vom 2025-07-10	EXTERNAL	-	wid_csaf
Red Hat Bugtracker #2373020 vom 2025-06-16	EXTERNAL	-	wid_csaf
Atlassian Security Bulletin - July 15 2025	EXTERNAL	-	wid_csaf
Rocky Linux Security Advisory RLSA-2025:14177 vom 2025-09-08	EXTERNAL	-	wid_csaf
GitHub Security Advisory GHSA-vv7r-c36w-3prj vom 2025-06-16	EXTERNAL	-	wid_csaf
Atlassian Security Bulletin	EXTERNAL	-	wid_csaf
Jira Security Advisory	EXTERNAL	-	wid_csaf
Jira Security Advisory	EXTERNAL	-	wid_csaf
Oracle Linux Security Advisory ELSA-2025-14177 vom 2025-08-21	EXTERNAL	-	wid_csaf
Oracle Linux Security Advisory ELSA-2025-14178 vom 2025-08-21	EXTERNAL	-	wid_csaf
Oracle Linux Security Advisory ELSA-2025-14179 vom 2025-08-22	EXTERNAL	-	wid_csaf
Oracle Linux Security Advisory ELSA-2025-14181 vom 2025-08-21	EXTERNAL	-	wid_csaf
Debian Security Advisory DLA-4245 vom 2025-07-22	EXTERNAL	-	wid_csaf
Debian Security Advisory DLA-4244 vom 2025-07-22	EXTERNAL	-	wid_csaf
SUSE Security Update SUSE-SU-2025:02184-1 vom 2025-07-01	EXTERNAL	-	wid_csaf
SUSE Security Update SUSE-SU-2025:02159-1 vom 2025-06-27	EXTERNAL	-	wid_csaf
F5 Security Advisory K000152614 vom 2025-07-17	EXTERNAL	-	wid_csaf
Mailing list OSS Security vom 2025-06-16	EXTERNAL	-	wid_csaf
XEROX Security Advisory XRX25-018 vom 2025-11-18	EXTERNAL	-	wid_csaf
NetApp Security Advisory NTAP-20251107-0004 vom 2025-11-07	EXTERNAL	-	wid_csaf
HCL Security Bulletin vom 2025-09-26	EXTERNAL	-	wid_csaf
HCL Security Bulletin vom 2025-08-05	EXTERNAL	-	wid_csaf
HCL Security Bulletin vom 2025-12-20	EXTERNAL	-	wid_csaf
HCL Security Bulletin vom 2025-10-24	EXTERNAL	-	wid_csaf
SAS Security Update vom 2025-10-02	EXTERNAL	-	wid_csaf
Absolute Security Information vom 2025-07-30	EXTERNAL	-	wid_csaf
Dell Security Advisory DSA-2025-390 vom 2025-11-05	EXTERNAL	-	wid_csaf
Dell Security Advisory DSA-2025-415 vom 2025-12-22	EXTERNAL	-	wid_csaf
Dell Security Advisory DSA-2025-365 vom 2025-12-01	EXTERNAL	-	wid_csaf
Dell Security Advisory DSA-2026-152 vom 2026-03-23	EXTERNAL	-	wid_csaf
Hitachi Vulnerability Information HITACHI-SEC-2026-112 vom 2026-03-11	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7239588 vom 2025-11-26	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7239757 vom 2025-07-15	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7239768 vom 2025-07-15	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7242088 vom 2025-08-13	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7242150 vom 2025-08-14	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7242269 vom 2025-08-15	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7243542 vom 2025-08-29	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7243781 vom 2025-09-02	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7244395 vom 2025-09-09	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7244610 vom 2025-09-11	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7244759 vom 2025-09-12	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7245133 vom 2025-09-16	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7245567 vom 2025-09-19	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7245647 vom 2025-09-20	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7245706 vom 2025-09-22	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7246164 vom 2025-09-29	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7247015 vom 2025-10-03	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7247770 vom 2025-10-13	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7247771 vom 2025-10-13	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7247935 vom 2025-10-14	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7248784 vom 2025-10-23	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7248944 vom 2025-10-23	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7249056 vom 2025-10-24	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7249764 vom 2025-10-31	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7249994 vom 2025-11-12	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7250258 vom 2025-11-06	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7251247 vom 2025-11-14	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7252567 vom 2025-11-26	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7254321 vom 2025-12-10	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7255033 vom 2025-12-17	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7256452 vom 2026-01-07	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7261162 vom 2026-02-18	EXTERNAL	-	wid_csaf
IBM Security Bulletin 7272628 vom 2026-05-12	EXTERNAL	-	wid_csaf

Quellen-Details

Bezeichnung	Name	Kategorie	Tags	Zielgruppe	Sprache	Feed-URL
CERT-Bund (BSI)	cert_bund	government_cert		-	de	https://wid.cert-bund.de/content/public/securityAdvisory/rss

Zurueck zur Eintrags-Liste