- CVE ID
- sonatype-2023-4519
- CWE
- N/A
- CVE Description
- esapi - ESAPI file uploads Denial of Service (DoS) vulnerabilities
- Published
- Oct 31, 2023
- CVSS Score & Severity
7.5High
- CVSS Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- EPSS Score
- 0%
- KEV Status
Not in KEV Catalog: No known exploits
- Vulnerable Methods
org/owasp/esapi/reference/DefaultHTTPUtilities.decryptString(Ljava/lang/String;)Ljava/lang/String;JVMVulnerable params: 0
org/owasp/esapi/reference/DefaultHTTPUtilities.getFileUploads(Ljavax/servlet/http/HttpServletRequest;Ljava/io/File;Ljava/util/List;)Ljava/util/List;JVMVulnerable params: 0
- Source
- Sonatype