VDB

RHSA-2014%3A0842

RHSA-2014%3A0842 PUBLISHED CVSS 4.300000190734863 MEDIUM

It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources.

Risk Scores

CVSS 2.0
4.300000190734863

Affected Products

VendorProductVersions
Red HatRed Hat JBoss Enterprise Application Platform 6.2

Timeline

  • Jul 7, 2014 CVE Published
  • Jan 28, 2026 CVE Updated
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Distribution Patch
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
  • Apr 29, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›