VDB
RHSA-2014%3A0686
RHSA-2014%3A0686
PUBLISHED
Updated tomcat packages that fix three security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Enterprise Linux Client (v. 7) | ||
| Red Hat Enterprise Linux Workstation (v. 7) | ||
| Red Hat Enterprise Linux Workstation Optional (v. 7) | ||
| Red Hat Enterprise Linux ComputeNode Optional (v. 7) | ||
| tomcat | ||
| Red Hat Enterprise Linux ComputeNode (v. 7) | ||
| Red Hat Enterprise Linux Server Optional (v. 7) | ||
| Red Hat Enterprise Linux Client Optional (v. 7) | ||
| Red Hat Enterprise Linux Server (v. 7) |
Exploit Intelligence
- A simple python script PoC demonstrating the slow POST chunked transmission vulnerability. (github-poc)
- https://access.redhat.com/errata/RHSA-2014:0686 (circl)
- https://access.redhat.com/security/updates/classification/#important (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1069905 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1069921 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1089884 (circl)
- https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0686.json (circl)
Timeline
- Jun 10, 2014 CVE Published
- Jan 28, 2026 CVE Updated
- Apr 5, 2026 Distribution Patch
- Apr 5, 2026 Distribution Patch
- Apr 5, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2014:0686 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://bugzilla.redhat.com/show_bug.cgi?id=1069905 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1069921 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1089884 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0686.json advisory