com.googlecode.gwtupload:gwtupload@0.6.3-compat vulnerabilities

latest version

1.0.3

first published

14 years ago

latest version published

10 years ago

licenses detected

Apache-2.0
[0.6,)

package manager

View on Maven Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the com.googlecode.gwtupload:gwtupload package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Denial of Service (DoS) com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process (file size, bytes transferred, etc). Affected versions of this package are vulnerable to Denial of Service (DoS). `server/UploadServlet.java` (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. How to fix Denial of Service (DoS)? There is no fixed version for `com.googlecode.gwtupload:gwtupload`.	[0,)

Denial of Service (DoS)

com.googlecode.gwtupload:gwtupload is a library for uploading files to web servers, showing a progress bar with real information about the process (file size, bytes transferred, etc).

Affected versions of this package are vulnerable to Denial of Service (DoS). server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.

How to fix Denial of Service (DoS)?

There is no fixed version for com.googlecode.gwtupload:gwtupload.

[0,)

Go back to all versions of this package