7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.946 High
EPSS
Percentile
99.3%
Apache Tomcat 7.0.x before 7.0.55 or 8.0.x before 8.0.9 is affected by multiple vulnerabilities:
A flaw in handling attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service by streaming data with malformed chunked transfer coding. (CVE-2014-0227)
A flaw in handling an aborted file upload after it has partially been completed may allow a remote attacker to exhaust available memory resources. (CVE-2014-0230)
Binary data 8831.prm