Security Advisory Description Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue. (CVE-2025-48976) Impact A remote attacker could exploit this vulnerability by sending a specially crafted request with an excessively large number of multipart headers. This malicious input can lead to uncontrolled memory consumption within applications using the library, exhausting system resources and causing a denial-of-service…Read More
K000152614: Apache Commons vulnerability CVE-2025-48976
