In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | jenkins | <Â 2.361.2-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | jenkins | <Â 2.361.2-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | jenkins | <Â 2.361.2-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | jenkins | <Â 2.361.2-r0 | UNKNOWN |