Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2023-24998 - log back

CVE-2023-24998 edited at 27 Feb 2023 21:50:40

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Denial of service

Description

+	a packaged renamed copy of Apache Commons FileUpload packaged in tomcat was vulnerable to denial of service triggered by a malicious upload or series of uploads

References

+	https://seclists.org/oss-sec/2023/q1/108

Notes

+	source does not specify severity (yet) but DoS is usually medium so I'm putting medium here

CVE-2023-24998 created at 27 Feb 2023 21:44:00