.. _vulnerabilityManagement_securityAdvisory_2023_CVE-2023-24998:

CVE-2023-24998
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Data: 2023-02-22

Severity: High

CVSS Score:  7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Riferimenti: `https://nvd.nist.gov/vuln/detail/CVE-2023-24998 <https://nvd.nist.gov/vuln/detail/CVE-2023-24998>`_

Libreria: commons-fileupload:commons-fileupload <= 1.4

**Descrizione**

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.


**GovWay**

Versione affette: <= 3.3.10

Risoluzione: 3.3.11