Skip to content

fix(deps): update dependency commons-fileupload:commons-fileupload to v1.6.0 [security]#1254

Open
renovate-bot wants to merge 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/maven-commons-fileupload-commons-fileupload-vulnerability
Open

fix(deps): update dependency commons-fileupload:commons-fileupload to v1.6.0 [security]#1254
renovate-bot wants to merge 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/maven-commons-fileupload-commons-fileupload-vulnerability

Conversation

@renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Jul 9, 2025

This PR contains the following updates:

Package Change Age Confidence
commons-fileupload:commons-fileupload (source) 1.5 -> 1.6.0 age confidence

GitHub Vulnerability Alerts

CVE-2025-48976

Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload.

This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4.

Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@forking-renovate forking-renovate bot added the automerge Merge the pull request once unit tests and other checks pass. label Jul 9, 2025
@renovate-bot renovate-bot requested a review from a team as a code owner July 9, 2025 18:55
@renovate-bot renovate-bot added the automerge Merge the pull request once unit tests and other checks pass. label Jul 9, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 9, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 9, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from e80e4a8 to 94e263b Compare July 10, 2025 09:08
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 10, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 10, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 94e263b to 923c942 Compare July 11, 2025 01:15
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 11, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 11, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 923c942 to bc2928f Compare July 11, 2025 17:26
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 11, 2025
@kokoro-team kokoro-team removed kokoro:force-run Add this label to force Kokoro to re-run the tests. labels Jul 11, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from bc2928f to 863a0e3 Compare July 12, 2025 07:01
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 863a0e3 to 491d848 Compare July 12, 2025 15:33
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 491d848 to a2cd3bb Compare July 12, 2025 23:43
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 12, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from a2cd3bb to d2ac08f Compare July 13, 2025 07:08
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 13, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 13, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from d2ac08f to a2440d4 Compare July 13, 2025 16:03
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 13, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@kokoro-team kokoro-team removed kokoro:force-run Add this label to force Kokoro to re-run the tests. labels Jul 15, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 6d59d53 to 1420171 Compare July 16, 2025 16:06
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 16, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 16, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 1420171 to 2dc182a Compare July 17, 2025 05:15
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 2dc182a to 8bfe635 Compare July 17, 2025 21:15
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 8bfe635 to f6baec6 Compare July 18, 2025 14:14
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 18, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 18, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from f6baec6 to 4236965 Compare July 19, 2025 03:54
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 19, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 19, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 4236965 to 668e0ee Compare July 19, 2025 15:31
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 19, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 19, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 668e0ee to 6a64c87 Compare July 20, 2025 03:34
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 20, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 20, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 6a64c87 to 00f649d Compare July 20, 2025 11:00
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 20, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 20, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-fileupload-commons-fileupload-vulnerability branch from 00f649d to 1f25d43 Compare July 20, 2025 19:35
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Mukamik Mukamik

Labels

automerge Merge the pull request once unit tests and other checks pass.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@renovate-bot @Mukamik @kokoro-team