Search CVE reports
91 – 96 of 96 results
CVE-2014-0227
Low prioritySome fixes available 4 of 9
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred,...
3 affected packages
tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat6 | — | — | — | Not in release | Fixed |
tomcat7 | — | — | — | Not affected | Not affected |
tomcat8 | — | — | — | Not affected | Not affected |
CVE-2014-0095
Medium priorityjava/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in...
1 affected packages
tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat8 | — | — | — | — | — |
CVE-2014-0119
Low prioritySome fixes available 2 of 7
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files...
3 affected packages
tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat6 | — | — | Not in release | Not in release | Not affected |
tomcat7 | — | — | Not in release | Not affected | Not affected |
tomcat8 | — | — | Not in release | Not affected | Not affected |
CVE-2014-0099
Medium prioritySome fixes available 4 of 7
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request...
3 affected packages
tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat6 | — | — | — | Not in release | Not affected |
tomcat7 | — | — | — | Not affected | Not affected |
tomcat8 | — | — | — | Not affected | Not affected |
CVE-2014-0096
Medium prioritySome fixes available 4 of 7
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to...
3 affected packages
tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat6 | — | — | — | Not in release | Not affected |
tomcat7 | — | — | — | Not affected | Not affected |
tomcat8 | — | — | — | Not affected | Not affected |
CVE-2014-0075
Medium prioritySome fixes available 4 of 7
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial...
3 affected packages
tomcat6, tomcat7, tomcat8
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
tomcat6 | — | — | — | Not in release | Not affected |
tomcat7 | — | — | — | Not affected | Not affected |
tomcat8 | — | — | — | Not affected | Not affected |