VDB

GCVE-110-MAGEIA-2014-149

GCVE-110-MAGEIA-2014-149
Advisory Published
Vulnetix · Advisory published April 3, 2014
Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data (CVE-2013-4322). Apache Tomcat 7.x before 7.0.50 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (CVE-2013-4590).

Affected Products

VendorProductVersionsPlatforms
Mageiagcompris0 (affected), 14.05-1.mga4 (unaffected)
Mageiatomcat0 (affected), 7.0.52-1.mga4 (unaffected), 7.0.52-1.mga4 (unaffected), 0 (affected)

Browse GCVE Records

72,148 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›