VDB
GCVE-110-MAGEIA-2014-149
GCVE-110-MAGEIA-2014-149
Advisory Published
Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without
properly handling (1) a large total amount of chunked data or (2)
whitespace characters in an HTTP header value within a trailer field,
which allows remote attackers to cause a denial of service by streaming
data (CVE-2013-4322).
Apache Tomcat 7.x before 7.0.50 allows attackers to obtain "Tomcat
internals" information by leveraging the presence of an untrusted web
application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML
document containing an external entity declaration in conjunction with an
entity reference, related to an XML External Entity (XXE) issue
(CVE-2013-4590).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gcompris | 0 (affected), 14.05-1.mga4 (unaffected) | — |
| Mageia | tomcat | 0 (affected), 7.0.52-1.mga4 (unaffected), 7.0.52-1.mga4 (unaffected), 0 (affected) | — |
Aliases
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.