Description

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.

Remediation

References

CVE-2014-0230

Related Vulnerabilities

Oracle JRE CVE-2013-5775 Vulnerability (CVE-2013-5775)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2317)

WebLogic CVE-2018-3246 Vulnerability (CVE-2018-3246)

Django Resource Management Errors Vulnerability (CVE-2015-5963)

Oracle JRE CVE-2019-2949 Vulnerability (CVE-2019-2949)

Severity

High

Classification

CVE-2014-0230

Tags

Missing Update Known Vulnerabilities