Open smalyshev opened 4 years ago
Ref. https://jira.blazegraph.com/browse/BLZG-9178 As a part of dependency versions update.
Apache Fileuploads version update due to CVE-2016-3092:The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.
Bug: T218801 Change-Id: I3c696b460f4e9e4e55e0943bb2dd8020c2db8412