CVE Vulnerabilities

CVE-2014-0227

Published: Feb 16, 2015 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.

Affected Software

Name Vendor Start Version End Version
Tomcat Apache 7.0.2 7.0.2
Tomcat Apache 6.0.33 6.0.33
Tomcat Apache 6.0.0 6.0.0
Tomcat Apache 7.0.49 7.0.49
Tomcat Apache 6.0.39 6.0.39
Tomcat Apache 7.0.12 7.0.12
Tomcat Apache 6.0.6 6.0.6
Tomcat Apache 7.0.53 7.0.53
Tomcat Apache 6.0.4 6.0.4
Tomcat Apache 7.0.20 7.0.20
Tomcat Apache 6.0.11 6.0.11
Tomcat Apache 7.0.34 7.0.34
Tomcat Apache 7.0.8 7.0.8
Tomcat Apache 7.0.1 7.0.1
Tomcat Apache 7.0.2 7.0.2
Tomcat Apache 7.0.5 7.0.5
Tomcat Apache 7.0.4 7.0.4
Tomcat Apache 6.0.7 6.0.7
Tomcat Apache 6.0.4 6.0.4
Tomcat Apache 7.0.22 7.0.22
Tomcat Apache 7.0.39 7.0.39
Tomcat Apache 7.0.26 7.0.26
Tomcat Apache 7.0.46 7.0.46
Tomcat Apache 8.0.5 8.0.5
Tomcat Apache 6.0.15 6.0.15
Tomcat Apache 7.0.28 7.0.28
Tomcat Apache 8.0.1 8.0.1
Tomcat Apache 7.0.0 7.0.0
Tomcat Apache 7.0.50 7.0.50
Tomcat Apache 7.0.6 7.0.6
Tomcat Apache 8.0.0 8.0.0
Tomcat Apache 7.0.18 7.0.18
Tomcat Apache 6.0.20 6.0.20
Tomcat Apache 7.0.14 7.0.14
Tomcat Apache 6.0.9 6.0.9
Tomcat Apache 6.0.10 6.0.10
Tomcat Apache 6.0.31 6.0.31
Tomcat Apache 6.0.29 6.0.29
Tomcat Apache 7.0.48 7.0.48
Tomcat Apache 7.0.11 7.0.11
Tomcat Apache 8.0.0 8.0.0
Tomcat Apache 6.0.3 6.0.3
Tomcat Apache 7.0.23 7.0.23
Tomcat Apache 7.0.0 7.0.0
Tomcat Apache 6.0.9 6.0.9
Tomcat Apache 6.0.1 6.0.1
Tomcat Apache 6.0.7 6.0.7
Tomcat Apache 6.0.24 6.0.24
Tomcat Apache 7.0.44 7.0.44
Tomcat Apache 6.0.37 6.0.37
Tomcat Apache 6.0.17 6.0.17
Tomcat Apache 7.0.7 7.0.7
Tomcat Apache 7.0.52 7.0.52
Tomcat Apache 7.0.42 7.0.42
Tomcat Apache 6.0.32 6.0.32
Tomcat Apache 6.0.28 6.0.28
Tomcat Apache 7.0.37 7.0.37
Tomcat Apache 7.0.29 7.0.29
Tomcat Apache 7.0.45 7.0.45
Tomcat Apache 8.0.0 8.0.0
Tomcat Apache 6.0.0 6.0.0
Tomcat Apache 7.0.13 7.0.13
Tomcat Apache 7.0.47 7.0.47
Tomcat Apache 6.0.14 6.0.14
Tomcat Apache 7.0.41 7.0.41
Tomcat Apache 7.0.31 7.0.31
Tomcat Apache 7.0.30 7.0.30
Tomcat Apache 7.0.15 7.0.15
Tomcat Apache 7.0.19 7.0.19
Tomcat Apache 7.0.16 7.0.16
Tomcat Apache 6.0.6 6.0.6
Tomcat Apache 6.0.41 6.0.41
Tomcat Apache 7.0.10 7.0.10
Tomcat Apache 7.0.36 7.0.36
Tomcat Apache 6.0.1 6.0.1
Tomcat Apache 7.0.25 7.0.25
Tomcat Apache 6.0.12 6.0.12
Tomcat Apache 7.0.54 7.0.54
Tomcat Apache 7.0.35 7.0.35
Tomcat Apache 8.0.3 8.0.3
Tomcat Apache 6.0.18 6.0.18
Tomcat Apache 7.0.43 7.0.43
Tomcat Apache 6.0.2 6.0.2
Tomcat Apache 8.0.0 8.0.0
Tomcat Apache 7.0.32 7.0.32
Tomcat Apache 7.0.38 7.0.38
Tomcat Apache 6.0.5 6.0.5
Tomcat Apache 7.0.21 7.0.21
Tomcat Apache 7.0.27 7.0.27
Tomcat Apache 6.0.7 6.0.7
Tomcat Apache 7.0.24 7.0.24
Tomcat Apache 7.0.17 7.0.17
Tomcat Apache 7.0.40 7.0.40
Tomcat Apache 6.0.30 6.0.30
Tomcat Apache 6.0.2 6.0.2
Tomcat Apache 7.0.9 7.0.9
Tomcat Apache 6.0.2 6.0.2
Tomcat Apache 6.0.13 6.0.13
Tomcat Apache 7.0.4 7.0.4
Tomcat Apache 8.0.8 8.0.8
Tomcat Apache 7.0.3 7.0.3
Tomcat Apache 6.0.8 6.0.8
Tomcat Apache 6.0.26 6.0.26
Tomcat Apache 6.0.19 6.0.19
Tomcat Apache 6.0.27 6.0.27
Tomcat Apache 6.0.35 6.0.35
Tomcat Apache 6.0.16 6.0.16
Tomcat Apache 6.0.36 6.0.36
Tomcat Apache 7.0.33 7.0.33
Tomcat Apache 6.0.8 6.0.8

References