The DiskFileItem class from the Apache Commons FileUpload library before version 1.3.3 was vulnerable to CVE-2016-1000031. Atlassian Fisheye was using a vulnerable version of this library, although not the DiskFileItem class. Fisheye has been updated to use the safe version of the Apache Commons FileUpload library.

CPENameOperatorVersion
fisheyelt4.7.0
fisheyele4.2.3

CPE	Name	Operator	Version
	fisheye	lt	4.7.0
	fisheye	le	4.2.3

freebsd 2

nessus 16

openvas 6

ibm 62

prion 1

osv 1

atlassian 5

cve 1

github 1

zdi 1

cisa 1

ubuntucve 1

checkpoint_advisories 2

cisco 1

cvelist 1

f5 1

debiancve 1

suse 1

symantec 1

nvd 1

threatpost 2

oracle 12

freebsd

Axis2 -- Security vulnerability on dependency Apache Commons FileUpload

2016-11-14 00:00:00

payara -- Multiple vulnerabilities

2016-06-16 00:00:00

nessus

Apache Struts <= 2.3.36 FileUpload Deserialization Vulnerability

2018-11-05 00:00:00

openSUSE Security Update : jakarta-commons-fileupload (openSUSE-2019-1399)

2019-05-16 00:00:00

FreeBSD : Axis2 -- Security vulnerability on dependency Apache Commons FileUpload (c1265e85-7c95-11e7-93af-005056925db4)

2017-08-09 00:00:00

openvas

openSUSE: Security Advisory for jakarta-commons-fileupload (openSUSE-SU-2019:1399-1)

2019-05-16 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:1212-1)

2021-06-09 00:00:00

Apache Struts 2.x <= 2.3.36 commons-fileupload RCE Vulnerability

2018-11-08 00:00:00

ibm

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2016-1000031)

2018-07-10 08:34:12

Security Bulletin: IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation are affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability

2018-06-17 12:19:02

Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Spectrum Control and Tivoli Storage Productivity Center (CVE-2016-1000031)

2022-02-22 19:27:34

prion

Remote code execution

2016-10-25 14:29:00

osv

Improper Access Control in commons-fileupload

2018-12-21 17:51:51

atlassian

Fisheye had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031

2019-02-14 22:03:17

Crucible had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031

2019-02-14 21:59:23

Crucible had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031

2019-02-14 21:59:23

cve

CVE-2016-1000031

2016-10-25 14:29:00

github

Improper Access Control in commons-fileupload

2018-12-21 17:51:51

zdi

Novell NetIQ Sentinel Commons DiskFileItem Deserialization of Untrusted Data Remote Code Execution Vulnerability

2016-10-17 00:00:00

cisa

Apache Releases Security Advisory for Apache Struts

2018-11-05 00:00:00

ubuntucve

CVE-2016-1000031

2016-10-25 00:00:00

checkpoint_advisories

Apache Struts 2 Commons FileUpload Insecure Deserialization (CVE-2016-1000031)

2019-02-14 00:00:00

Apache Struts Remote Code Execution (CVE-2016-1000031)

2018-11-07 00:00:00

cisco

Apache Struts Commons FileUpload Library Remote Code Execution Vulnerability Affecting Cisco Products: November 2018

2018-11-07 00:00:00

cvelist

CVE-2016-1000031

2016-10-25 14:00:00

K25206238 : Apache Commons FileUpload vulnerability CVE-2016-1000031

2018-04-02 00:00:00

debiancve

CVE-2016-1000031

2016-10-25 14:29:00

suse

Security update for jakarta-commons-fileupload (important)

2019-05-15 00:00:00

symantec

Novell NetIQ Sentinel CVE-2016-1000031 Remote Code Execution Vulnerability

2016-10-17 00:00:00

nvd

CVE-2016-1000031

2016-10-25 14:29:00

threatpost

Oracle Squashes 53 Critical Bugs in April Security Update

2019-04-17 13:33:09

Apache Struts Warns Users of Two-Year-Old Vulnerability

2018-11-06 12:27:15

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - January 2019

2019-01-15 00:00:00

Oracle Critical Patch Update - October 2016

2016-10-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.059 Low

EPSS

Percentile

93.5%

JSON

Related for ATLASSIAN:FE-7164