VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://advisories.mageia.org/MGASA-2014-0268.html
generic_textual	MODERATE	http://linux.oracle.com/errata/ELSA-2014-0865.html
generic_textual	MODERATE	http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=141017844705317&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=141390017113542&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=144498216801440&w=2
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2015-0675.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2015-0720.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2015-0765.html
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
epss	0.37857	https://api.first.org/data/v1/epss?cve=CVE-2014-0099
apache_tomcat	Important	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2014/Dec/23
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2014/May/138
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2014/May/140
generic_textual	MODERATE	http://secunia.com/advisories/59121
generic_textual	MODERATE	http://secunia.com/advisories/59678
generic_textual	MODERATE	http://secunia.com/advisories/59732
generic_textual	MODERATE	http://secunia.com/advisories/59835
generic_textual	MODERATE	http://secunia.com/advisories/59849
generic_textual	MODERATE	http://secunia.com/advisories/59873
generic_textual	MODERATE	http://secunia.com/advisories/60729
generic_textual	MODERATE	http://secunia.com/advisories/60793
cvssv2	5.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-xh5x-j8jf-pcpx
generic_textual	MODERATE	https://github.com/apache/tomcat
generic_textual	MODERATE	https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597
generic_textual	MODERATE	https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3
generic_textual	MODERATE	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
generic_textual	MODERATE	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2014-0099
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1578812
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1578814
generic_textual	MODERATE	http://svn.apache.org/viewvc?view=revision&revision=1580473
generic_textual	MODERATE	http://tomcat.apache.org/security-6.html
generic_textual	MODERATE	http://tomcat.apache.org/security-7.html
generic_textual	MODERATE	http://tomcat.apache.org/security-8.html
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21678231
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21680603
generic_textual	MODERATE	http://www-01.ibm.com/support/docview.wss?uid=swg21681528
generic_textual	MODERATE	http://www.debian.org/security/2016/dsa-3447
generic_textual	MODERATE	http://www.debian.org/security/2016/dsa-3530
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2015:052
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2015:053
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
generic_textual	MODERATE	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/532218/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/532221/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/534161/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/bid/67668
generic_textual	MODERATE	http://www.securitytracker.com/id/1030302
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2014-0012.html

System

Score

Found at

generic_textual

MODERATE

http://advisories.mageia.org/MGASA-2014-0268.html

generic_textual

MODERATE

http://linux.oracle.com/errata/ELSA-2014-0865.html

generic_textual

MODERATE

http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html

generic_textual

MODERATE

http://marc.info/?l=bugtraq&m=141017844705317&w=2

generic_textual

MODERATE

http://marc.info/?l=bugtraq&m=141390017113542&w=2

generic_textual

MODERATE

http://marc.info/?l=bugtraq&m=144498216801440&w=2

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2015-0675.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2015-0720.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2015-0765.html

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

epss

0.37857

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

apache_tomcat

Important

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099

generic_textual

MODERATE

http://seclists.org/fulldisclosure/2014/Dec/23

generic_textual

MODERATE

http://seclists.org/fulldisclosure/2014/May/138

generic_textual

MODERATE

http://seclists.org/fulldisclosure/2014/May/140

generic_textual

MODERATE

http://secunia.com/advisories/59121

generic_textual

MODERATE

http://secunia.com/advisories/59678

generic_textual

MODERATE

http://secunia.com/advisories/59732

generic_textual

MODERATE

http://secunia.com/advisories/59835

generic_textual

MODERATE

http://secunia.com/advisories/59849

generic_textual

MODERATE

http://secunia.com/advisories/59873

generic_textual

MODERATE

http://secunia.com/advisories/60729

generic_textual

MODERATE

http://secunia.com/advisories/60793

cvssv2

5.8

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv3.1_qr

MODERATE

https://github.com/advisories/GHSA-xh5x-j8jf-pcpx

generic_textual

MODERATE

https://github.com/apache/tomcat

generic_textual

MODERATE

https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd

generic_textual

MODERATE

https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597

generic_textual

MODERATE

https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3

generic_textual

MODERATE

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

generic_textual

MODERATE

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

generic_textual

MODERATE

https://nvd.nist.gov/vuln/detail/CVE-2014-0099

generic_textual

MODERATE

http://svn.apache.org/viewvc?view=revision&revision=1578812

generic_textual

MODERATE

http://svn.apache.org/viewvc?view=revision&revision=1578814

generic_textual

MODERATE

http://svn.apache.org/viewvc?view=revision&revision=1580473

generic_textual

MODERATE

http://tomcat.apache.org/security-6.html

generic_textual

MODERATE

http://tomcat.apache.org/security-7.html

generic_textual

MODERATE

http://tomcat.apache.org/security-8.html

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21680603

generic_textual

MODERATE

http://www-01.ibm.com/support/docview.wss?uid=swg21681528

generic_textual

MODERATE

http://www.debian.org/security/2016/dsa-3447

generic_textual

MODERATE

http://www.debian.org/security/2016/dsa-3530

generic_textual

MODERATE

http://www.mandriva.com/security/advisories?name=MDVSA-2015:052

generic_textual

MODERATE

http://www.mandriva.com/security/advisories?name=MDVSA-2015:053

generic_textual

MODERATE

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

generic_textual

MODERATE

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/532218/100/0/threaded

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/532221/100/0/threaded

generic_textual

MODERATE

http://www.securityfocus.com/archive/1/534161/100/0/threaded

generic_textual

MODERATE

http://www.securityfocus.com/bid/67668

generic_textual

MODERATE

http://www.securitytracker.com/id/1030302

generic_textual

MODERATE

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Reference id

Reference type

URL

http://advisories.mageia.org/MGASA-2014-0268.html

http://linux.oracle.com/errata/ELSA-2014-0865.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.html

http://marc.info/?l=bugtraq&m=141017844705317&w=2

http://marc.info/?l=bugtraq&m=141390017113542&w=2

http://marc.info/?l=bugtraq&m=144498216801440&w=2

http://rhn.redhat.com/errata/RHSA-2015-0675.html

http://rhn.redhat.com/errata/RHSA-2015-0720.html

http://rhn.redhat.com/errata/RHSA-2015-0765.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json

https://api.first.org/data/v1/epss?cve=CVE-2014-0099

http://seclists.org/fulldisclosure/2014/Dec/23

http://seclists.org/fulldisclosure/2014/May/138

http://seclists.org/fulldisclosure/2014/May/140

http://secunia.com/advisories/59121

http://secunia.com/advisories/59678

http://secunia.com/advisories/59732

http://secunia.com/advisories/59835

http://secunia.com/advisories/59849

http://secunia.com/advisories/59873

http://secunia.com/advisories/60729

http://secunia.com/advisories/60793

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

https://github.com/apache/tomcat

https://github.com/apache/tomcat70/commit/184cdc0d3f03f5737e12d21fff246d7285034597

https://github.com/apache/tomcat80/commit/990de53ab923c126f7402090a4ca53df4bb80cbd

https://github.com/apache/tomcat/commit/184cdc0d3f03f5737e12d21fff246d7285034597

https://github.com/apache/tomcat/commit/fffd63a3bd3a5475379b7c074820a5463b7663b3

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

https://svn.apache.org/viewvc?view=rev&rev=1578812

https://svn.apache.org/viewvc?view=rev&rev=1578814

https://svn.apache.org/viewvc?view=rev&rev=1580473

http://svn.apache.org/viewvc?view=revision&revision=1578812

http://svn.apache.org/viewvc?view=revision&revision=1578814

http://svn.apache.org/viewvc?view=revision&revision=1580473

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://tomcat.apache.org/security-8.html

http://www-01.ibm.com/support/docview.wss?uid=swg21678231

http://www-01.ibm.com/support/docview.wss?uid=swg21680603

http://www-01.ibm.com/support/docview.wss?uid=swg21681528

http://www.debian.org/security/2016/dsa-3447

http://www.debian.org/security/2016/dsa-3530

http://www.mandriva.com/security/advisories?name=MDVSA-2015:052

http://www.mandriva.com/security/advisories?name=MDVSA-2015:053

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.securityfocus.com/archive/1/532218/100/0/threaded

http://www.securityfocus.com/archive/1/532221/100/0/threaded

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/67668

http://www.securitytracker.com/id/1030302

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

1102030

https://bugzilla.redhat.com/show_bug.cgi?id=1102030

CVE-2014-0099

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099

CVE-2014-0099

https://nvd.nist.gov/vuln/detail/CVE-2014-0099

GHSA-xh5x-j8jf-pcpx

https://github.com/advisories/GHSA-xh5x-j8jf-pcpx

GLSA-201412-29

https://security.gentoo.org/glsa/201412-29

RHSA-2014:0827

https://access.redhat.com/errata/RHSA-2014:0827

RHSA-2014:0833

https://access.redhat.com/errata/RHSA-2014:0833

RHSA-2014:0834

https://access.redhat.com/errata/RHSA-2014:0834

RHSA-2014:0835

https://access.redhat.com/errata/RHSA-2014:0835

RHSA-2014:0836

https://access.redhat.com/errata/RHSA-2014:0836

RHSA-2014:0842

https://access.redhat.com/errata/RHSA-2014:0842

RHSA-2014:0843

https://access.redhat.com/errata/RHSA-2014:0843

RHSA-2014:0865

https://access.redhat.com/errata/RHSA-2014:0865

RHSA-2014:0895

https://access.redhat.com/errata/RHSA-2014:0895

RHSA-2014:1149

https://access.redhat.com/errata/RHSA-2014:1149

RHSA-2015:0234

https://access.redhat.com/errata/RHSA-2015:0234

RHSA-2015:0235

https://access.redhat.com/errata/RHSA-2015:0235

RHSA-2015:0675

https://access.redhat.com/errata/RHSA-2015:0675

RHSA-2015:0720

https://access.redhat.com/errata/RHSA-2015:0720

RHSA-2015:0765

https://access.redhat.com/errata/RHSA-2015:0765

RHSA-2015:1009

https://access.redhat.com/errata/RHSA-2015:1009

USN-2302-1

https://usn.ubuntu.com/2302-1/

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:38:13.249130+00:00	Apache Tomcat Importer	Import	https://tomcat.apache.org/security-8.html	38.0.0

2026-04-01T12:38:13.249130+00:00

Apache Tomcat Importer

Import

https://tomcat.apache.org/security-8.html

38.0.0

Vulnerability ID	VCID-ygvw-69am-s7ae
Aliases	CVE-2014-0099 GHSA-xh5x-j8jf-pcpx
Summary	Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

CWE-113	Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-190	Integer Overflow or Wraparound
CWE-444	Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Percentile	0.97179
EPSS Score	0.37857
Published At	April 1, 2026, 12:55 p.m.