1 Reply Latest reply on Sep 30, 2015 11:58 AM by Tomaz Cerar

    jboss-as-7.1.1.Final CVE-2014-0050 apache-commons-fileupload: denial of service

    Praveen Adivi Newbie

      Thank you for taking the time to read my post. If the solution to this were already discussed in the forums please point me in the right direction.

       

      jboss-as-7.1.1.Final is affected by "CVE-2014-0050 apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream" and this bug is recorded in the redhat bugzilla  with the bug number 1062337 (Bug 1062337 – CVE-2014-0050 apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartS…) . Please let me know what patch can be applied to jboss-as-7.1.1.Final in order to fix this bug and what the best way of applying the patch would be.