| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| commons-fileupload:commons-fileupload | maven | < 1.5 | 1.5 |
| org.apache.tomcat:tomcat-coyote | maven | >= 10.1.0-M1, < 10.1.5 | 10.1.5 |
| org.apache.tomcat:tomcat-coyote | maven | >= 11.0.0-M2, < 11.0.0-M5 | 11.0.0-M5 |
| org.apache.tomcat:tomcat-coyote | maven | >= 8.5.85, < 8.5.88 | 8.5.88 |
| org.apache.tomcat:tomcat-coyote | maven | >= 9.0.0-M1, < 9.0.71 | 9.0.71 |
| org.apache.tomcat.embed:tomcat-embed-core | maven | >= 10.1.0-M1, < 10.1.5 | 10.1.5 |
| org.apache.tomcat.embed:tomcat-embed-core | maven | >= 11.0.0-M2, < 11.0.0-M5 | 11.0.0-M5 |
| org.apache.tomcat.embed:tomcat-embed-core | maven | >= 8.5.85, < 8.5.88 | 8.5.88 |
| org.apache.tomcat.embed:tomcat-embed-core | maven | >= 9.0.0-M1, < 9.0.71 | 9.0.71 |
The vulnerability stems from a missing limit on the number of parts accepted during multipart request processing. The GitHub commit e20c049 adds the fileCountMax validation to FileUploadBase.parseRequest(). The pre-patch code (diff lines 337-373) processes parts in a while(iter.hasNext()) loop without checking items.size() against any limit, so a request carrying an arbitrary number of parts is processed in full. Tomcat's CVE-2023-24998 advisory confirms that it shipped the vulnerable FileUpload code in its fork, and the Tomcat commit 9ca96c8 applies the same fix there, confirming that the equivalent vulnerable functions exist in its codebase.
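As an added example (not code from the advisory, Commons FileUpload or Tomcat), this is the application-side configuration that puts the patch's new limit to use once the dependency is at 1.5 or later: set a per-request file count cap in addition to the request size cap. The class name, MAX_PARTS and MAX_REQUEST_BYTES are assumed policy values chosen for this example, not library defaults.

```java
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadBase;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;

/** Hypothetical helper that parses multipart requests with explicit resource limits. */
public final class BoundedMultipartParser {
    // Assumed policy values for this example; tune them to the endpoint's real needs.
    private static final long MAX_PARTS = 20;
    private static final long MAX_REQUEST_BYTES = 16L * 1024 * 1024;

    private BoundedMultipartParser() {}

    public static List<FileItem> parse(HttpServletRequest request) throws FileUploadException {
        ServletFileUpload upload = new ServletFileUpload(new DiskFileItemFactory());

        // Per-request part count limit added in commons-fileupload 1.5 (the CVE-2023-24998 fix).
        // Versions before 1.5 have no such setter: the only mitigation there is upgrading.
        upload.setFileCountMax(MAX_PARTS);

        // Total request size limit; independent of the part count and still needed.
        upload.setSizeMax(MAX_REQUEST_BYTES);

        // parseRequest() now aborts as soon as the limit is exceeded instead of
        // processing every part in the request.
        return upload.parseRequest(request);
    }

    /**
     * True when the failure is a limit violation the caller should answer with
     * HTTP 413 and record as a metric; a sustained spike of these is a useful
     * detection signal for resource-exhaustion attempts against the endpoint.
     */
    public static boolean isLimitViolation(FileUploadException e) {
        return e instanceof FileUploadBase.FileCountLimitExceededException
            || e instanceof FileUploadBase.SizeLimitExceededException;
    }
}
```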