VDB
CVE-2016-1000031
CVE-2016-1000031
PUBLISHED
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
EPSS 56.43% · 98.2th percentile
Risk Scores
EPSS Score
56.43%
98.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | tomcat8 | 0, 8.0.28-1, 8.0.30-1 |
| Ubuntu:Pro:16.04:LTS | tomcat7 | 7.0.68-1ubuntu0.4+esm3, 0, 7.0.64-1 |
| Ubuntu:Pro:14.04:LTS | tomcat7 | 7.0.52-1ubuntu0.11, 7.0.52-1ubuntu0.13, 7.0.52-1ubuntu0.14 |
| Ubuntu:16.04:LTS | tomcat6 | 6.0.45+dfsg-1ubuntu0.2, 0, * |
| Ubuntu:Pro:14.04:LTS | tomcat6 | 6.0.39-1ubuntu0.1, 6.0.39-1ubuntu0.1+esm2, 0 |
| Ubuntu:16.04:LTS | libcommons-fileupload-java | 1.3.1-2ubuntu0.1, 1.3.1-2, 1.3.1-1 |
Timeline
- Oct 17, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Nov 24, 2024 EPSS Score
- Dec 17, 2024 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- Apr 21, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 9, 2025 EPSS Score
- May 25, 2025 EPSS Score
- Jun 4, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2016-1000031 third-party-advisory
- http://www.tenable.com/security/research/tra-2016-12 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2016-1000031 third-party-advisory