CVE-2014-0099 (Medium) detected in tomcat-util-5.5.4.jar, tomcat-coyote-5.5.4.jar #102
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2014-0099 - Medium Severity Vulnerability
tomcat-util-5.5.4.jar
null
Path to vulnerable library: /Remediate/WebGoat5.0/tomcat/server/lib/tomcat-util.jar
Dependency Hierarchy:
tomcat-coyote-5.5.4.jar
null
Path to vulnerable library: /Remediate/WebGoat5.0/tomcat/server/lib/tomcat-coyote.jar
Dependency Hierarchy:
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Publish Date: 2014-05-31
URL: CVE-2014-0099
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-0099
Release Date: 2014-05-31
Fix Resolution: 6.0.40,7.0.53,8.0.4
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: