Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-0230

Опубликовано: 07 июн. 2015
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.8

Описание

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

released

6.0.45+dfsg-1
esm-infra-legacy/trusty

not-affected

6.0.39-1ubuntu0.1
lucid

ignored

end of life
precise

released

6.0.35-1ubuntu3.6
precise/esm

not-affected

6.0.35-1ubuntu3.6
trusty

released

6.0.39-1ubuntu0.1
trusty/esm

not-affected

6.0.39-1ubuntu0.1

Показывать по

РелизСтатусПримечание
artful

not-affected

7.0.56-2
bionic

not-affected

7.0.56-2
devel

not-affected

7.0.56-2
esm-apps/bionic

not-affected

7.0.56-2
esm-apps/xenial

not-affected

7.0.56-2
esm-infra-legacy/trusty

not-affected

7.0.52-1ubuntu0.3
lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

released

7.0.52-1ubuntu0.3

Показывать по

РелизСтатусПримечание
artful

not-affected

8.0.14-1
bionic

not-affected

8.0.14-1
devel

not-affected

8.0.14-1
esm-apps/bionic

not-affected

8.0.14-1
esm-infra-legacy/trusty

DNE

esm-infra/xenial

not-affected

8.0.14-1
lucid

DNE

precise

DNE

precise/esm

DNE

trusty

DNE

Показывать по

EPSS

Процентиль: 91%
0.06351
Низкий

7.8 High

CVSS2

Связанные уязвимости

redhat
около 11 лет назад

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

nvd
около 10 лет назад

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

debian
около 10 лет назад

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0 ...

github
больше 3 лет назад

Uncontrolled Resource Consumption in Apache Tomcat

suse-cvrf
почти 10 лет назад

Security update for tomcat6

EPSS

Процентиль: 91%
0.06351
Низкий

7.8 High

CVSS2