UBUNTU-CVE-2014-0227
- Source
- https://ubuntu.com/security/CVE-2014-0227
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-0227.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-0227
- Upstream
- Downstream
- Related
- Published
- 2015-02-15T00:00:00Z
- Modified
- 2026-02-04T03:34:30.577274Z
- Severity
-
- Ubuntu - low
- Summary
- [none]
- Details
-
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.
- References
Affected packages
Ubuntu:14.04:LTS / tomcat6
Package
- Name
- tomcat6
- Purl
- pkg:deb/ubuntu/tomcat6@6.0.39-1ubuntu0.1?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.39-1ubuntu0.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libservlet2.4-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libservlet2.5-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libtomcat6-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-admin"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-common"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-docs"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-examples"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-extras"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-user"
}
],
"availability": "No subscription required"
}
Ubuntu:14.04:LTS / tomcat7
Package
- Name
- tomcat7
- Purl
- pkg:deb/ubuntu/tomcat7@7.0.52-1ubuntu0.3?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.52-1ubuntu0.3
Ecosystem specific
{
"binaries": [
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "libservlet3.0-java"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "libtomcat7-java"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-admin"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-common"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-docs"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-examples"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-user"
}
],
"availability": "No subscription required"
}
Ubuntu:16.04:LTS / tomcat6
Package
- Name
- tomcat6
- Purl
- pkg:deb/ubuntu/tomcat6@6.0.45+dfsg-1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.45+dfsg-1