UBUNTU-CVE-2014-0230
- Source
- https://ubuntu.com/security/CVE-2014-0230
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-0230.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-0230
- Upstream
- Downstream
- Related
- Published
- 2015-06-07T00:00:00Z
- Modified
- 2026-02-04T03:33:47.222688Z
- Severity
-
- Ubuntu - low
- Summary
- [none]
- Details
-
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
- References
Affected packages
Ubuntu:14.04:LTS / tomcat6
Package
- Name
- tomcat6
- Purl
- pkg:deb/ubuntu/tomcat6@6.0.39-1ubuntu0.1?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.39-1ubuntu0.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libservlet2.4-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libservlet2.5-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "libtomcat6-java"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-admin"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-common"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-docs"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-examples"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-extras"
},
{
"binary_version": "6.0.39-1ubuntu0.1",
"binary_name": "tomcat6-user"
}
],
"availability": "No subscription required"
}
Ubuntu:14.04:LTS / tomcat7
Package
- Name
- tomcat7
- Purl
- pkg:deb/ubuntu/tomcat7@7.0.52-1ubuntu0.3?arch=source&distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7.0.52-1ubuntu0.3
Ecosystem specific
{
"binaries": [
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "libservlet3.0-java"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "libtomcat7-java"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-admin"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-common"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-docs"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-examples"
},
{
"binary_version": "7.0.52-1ubuntu0.3",
"binary_name": "tomcat7-user"
}
],
"availability": "No subscription required"
}
Ubuntu:16.04:LTS / tomcat6
Package
- Name
- tomcat6
- Purl
- pkg:deb/ubuntu/tomcat6@6.0.45+dfsg-1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.45+dfsg-1