Tomcat@6.0.30 Security Vulnerabilities and Issues — Tomcat@6.0.30 CVE List

Lucene search

ApacheTomcat6.0.30

3 matches found

CVE•added 2015/06/07 11:59 p.m.•223 views

CVE-2014-0230

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted uploa...

7.8CVSS5.5AI score0.0794EPSS

CVE•added 2015/06/07 11:59 p.m.•188 views

CVE-2014-7810

The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanis...

5CVSS6.4AI score0.09321EPSS

CVE•added 2015/02/16 12:59 a.m.•153 views

CVE-2014-0227

java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks o...

6.4CVSS6.2AI score0.85997EPSS