VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	HIGH	http://advisories.mageia.org/MGASA-2014-0110.html
generic_textual	HIGH	http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
generic_textual	HIGH	http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
generic_textual	HIGH	http://jvn.jp/en/jp/JVN14876762/index.html
generic_textual	HIGH	http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
generic_textual	HIGH	http://marc.info/?l=bugtraq&m=143136844732487&w=2
generic_textual	HIGH	http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0050.html
generic_textual	HIGH	http://rhn.redhat.com/errata/RHSA-2014-0252.html
generic_textual	HIGH	http://rhn.redhat.com/errata/RHSA-2014-0253.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2014-0400.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0252
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0253
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0373
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0400
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0401
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0429
rhas	Important	https://access.redhat.com/errata/RHSA-2014:0452
rhas	Important	https://access.redhat.com/errata/RHSA-2014:0459
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0473
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0525
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0526
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0527
rhas	Moderate	https://access.redhat.com/errata/RHSA-2014:0528
epss	0.17105	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.17105	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.21046	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.41599	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.41599	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.41599	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.41599	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92528	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92528	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92528	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92528	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92594	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
epss	0.92678	https://api.first.org/data/v1/epss?cve=CVE-2014-0050
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=1062337
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
apache_tomcat	Important	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
generic_textual	MODERATE	http://seclists.org/fulldisclosure/2014/Dec/23
generic_textual	Medium	http://seclists.org/fulldisclosure/2014/Feb/41
generic_textual	MODERATE	http://secunia.com/advisories/57915
generic_textual	HIGH	http://secunia.com/advisories/58075
generic_textual	HIGH	http://secunia.com/advisories/58976
generic_textual	HIGH	http://secunia.com/advisories/59039
generic_textual	HIGH	http://secunia.com/advisories/59041
generic_textual	HIGH	http://secunia.com/advisories/59183
generic_textual	HIGH	http://secunia.com/advisories/59184
generic_textual	HIGH	http://secunia.com/advisories/59185
generic_textual	HIGH	http://secunia.com/advisories/59187
generic_textual	HIGH	http://secunia.com/advisories/59232
generic_textual	HIGH	http://secunia.com/advisories/59399
generic_textual	HIGH	http://secunia.com/advisories/59492
generic_textual	HIGH	http://secunia.com/advisories/59500
generic_textual	HIGH	http://secunia.com/advisories/59725
generic_textual	HIGH	http://secunia.com/advisories/60475
generic_textual	HIGH	http://secunia.com/advisories/60753
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-xx68-jfcg-xmmf
cvssv3.1	7.5	https://github.com/apache/commons-fileupload
generic_textual	HIGH	https://github.com/apache/commons-fileupload
generic_textual	HIGH	https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
generic_textual	HIGH	https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
cvssv3.1	6.3	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
generic_textual	MODERATE	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
generic_textual	HIGH	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
cvssv3.1	8.1	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
generic_textual	HIGH	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2014-0050
cvssv3.1	7.5	https://security.gentoo.org/glsa/202107-39
generic_textual	HIGH	https://security.gentoo.org/glsa/202107-39
generic_textual	HIGH	https://svn.apache.org/viewvc?view=revision&revision=1565143
generic_textual	HIGH	https://svn.apache.org/viewvc?view=revision&revision=1565163
generic_textual	HIGH	https://svn.apache.org/viewvc?view=revision&revision=1565169
cvssv3.1	5.9	https://tomcat.apache.org/security-7.html
generic_textual	MODERATE	https://tomcat.apache.org/security-7.html
cvssv3.1	5.3	https://tomcat.apache.org/security-8.html
generic_textual	MODERATE	https://tomcat.apache.org/security-8.html
generic_textual	Medium	https://ubuntu.com/security/notices/USN-2130-1
generic_textual	HIGH	http://svn.apache.org/r1565143
cvssv3.1	9.8	http://tomcat.apache.org/security-7.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-7.html
cvssv3.1	9.8	http://tomcat.apache.org/security-8.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-8.html
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21669554
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21675432
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676091
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676092
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676401
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676403
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676405
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676410
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676656
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21676853
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21677691
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21677724
generic_textual	HIGH	http://www-01.ibm.com/support/docview.wss?uid=swg21681214
generic_textual	HIGH	http://www.debian.org/security/2014/dsa-2856
generic_textual	HIGH	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
generic_textual	HIGH	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
generic_textual	HIGH	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
generic_textual	HIGH	http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
generic_textual	HIGH	http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
cvssv3.1	8.1	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	HIGH	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
cvssv3.1	5.3	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
cvssv3.1	7.5	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual	HIGH	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual	HIGH	http://www.securityfocus.com/archive/1/532549/100/0/threaded
generic_textual	HIGH	http://www.securityfocus.com/archive/1/534161/100/0/threaded
generic_textual	HIGH	http://www.securityfocus.com/bid/65400
generic_textual	HIGH	http://www.ubuntu.com/usn/USN-2130-1
generic_textual	HIGH	http://www.vmware.com/security/advisories/VMSA-2014-0007.html
generic_textual	HIGH	http://www.vmware.com/security/advisories/VMSA-2014-0008.html
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2014-0012.html

System

Score

Found at

generic_textual

HIGH

http://advisories.mageia.org/MGASA-2014-0110.html

generic_textual

HIGH

http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html

generic_textual

HIGH

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017

generic_textual

HIGH

http://jvn.jp/en/jp/JVN14876762/index.html

generic_textual

HIGH

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E

generic_textual

HIGH

http://marc.info/?l=bugtraq&m=143136844732487&w=2

generic_textual

HIGH

http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0050.html

generic_textual

HIGH

http://rhn.redhat.com/errata/RHSA-2014-0252.html

generic_textual

HIGH

http://rhn.redhat.com/errata/RHSA-2014-0253.html

generic_textual

MODERATE

http://rhn.redhat.com/errata/RHSA-2014-0400.html

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0252

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0253

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0373

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0400

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0401

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0429

rhas

Important

https://access.redhat.com/errata/RHSA-2014:0452

rhas

Important

https://access.redhat.com/errata/RHSA-2014:0459

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0473

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0525

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0526

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0527

rhas

Moderate

https://access.redhat.com/errata/RHSA-2014:0528

epss

0.17105

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.17105

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.21046

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.41599

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.41599

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.41599

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.41599

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92528

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92528

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92528

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92528

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92594

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

epss

0.92678

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

rhbs

medium

https://bugzilla.redhat.com/show_bug.cgi?id=1062337

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322

apache_tomcat

Important

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

generic_textual

MODERATE

http://seclists.org/fulldisclosure/2014/Dec/23

generic_textual

Medium

http://seclists.org/fulldisclosure/2014/Feb/41

generic_textual

MODERATE

http://secunia.com/advisories/57915

generic_textual

HIGH

http://secunia.com/advisories/58075

generic_textual

HIGH

http://secunia.com/advisories/58976

generic_textual

HIGH

http://secunia.com/advisories/59039

generic_textual

HIGH

http://secunia.com/advisories/59041

generic_textual

HIGH

http://secunia.com/advisories/59183

generic_textual

HIGH

http://secunia.com/advisories/59184

generic_textual

HIGH

http://secunia.com/advisories/59185

generic_textual

HIGH

http://secunia.com/advisories/59187

generic_textual

HIGH

http://secunia.com/advisories/59232

generic_textual

HIGH

http://secunia.com/advisories/59399

generic_textual

HIGH

http://secunia.com/advisories/59492

generic_textual

HIGH

http://secunia.com/advisories/59500

generic_textual

HIGH

http://secunia.com/advisories/59725

generic_textual

HIGH

http://secunia.com/advisories/60475

generic_textual

HIGH

http://secunia.com/advisories/60753

cvssv3.1_qr

HIGH

https://github.com/advisories/GHSA-xx68-jfcg-xmmf

cvssv3.1

7.5

https://github.com/apache/commons-fileupload

generic_textual

HIGH

https://github.com/apache/commons-fileupload

generic_textual

HIGH

https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a

generic_textual

HIGH

https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c

cvssv3.1

6.3

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

generic_textual

MODERATE

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

generic_textual

HIGH

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

cvssv3.1

8.1

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

generic_textual

HIGH

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

cvssv2

7.5

https://nvd.nist.gov/vuln/detail/CVE-2014-0050

cvssv3.1

7.5

https://security.gentoo.org/glsa/202107-39

generic_textual

HIGH

https://security.gentoo.org/glsa/202107-39

generic_textual

HIGH

https://svn.apache.org/viewvc?view=revision&revision=1565143

generic_textual

HIGH

https://svn.apache.org/viewvc?view=revision&revision=1565163

generic_textual

HIGH

https://svn.apache.org/viewvc?view=revision&revision=1565169

cvssv3.1

5.9

https://tomcat.apache.org/security-7.html

generic_textual

MODERATE

https://tomcat.apache.org/security-7.html

cvssv3.1

5.3

https://tomcat.apache.org/security-8.html

generic_textual

MODERATE

https://tomcat.apache.org/security-8.html

generic_textual

Medium

https://ubuntu.com/security/notices/USN-2130-1

generic_textual

HIGH

http://svn.apache.org/r1565143

cvssv3.1

9.8

http://tomcat.apache.org/security-7.html

generic_textual

CRITICAL

http://tomcat.apache.org/security-7.html

cvssv3.1

9.8

http://tomcat.apache.org/security-8.html

generic_textual

CRITICAL

http://tomcat.apache.org/security-8.html

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21675432

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676401

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676403

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676405

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676410

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676656

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21676853

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21677691

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21677724

generic_textual

HIGH

http://www-01.ibm.com/support/docview.wss?uid=swg21681214

generic_textual

HIGH

http://www.debian.org/security/2014/dsa-2856

generic_textual

HIGH

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html

generic_textual

HIGH

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html

generic_textual

HIGH

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html

generic_textual

HIGH

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm

generic_textual

HIGH

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

cvssv3.1

8.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

generic_textual

HIGH

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

cvssv3.1

7.5

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

generic_textual

HIGH

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

cvssv3.1

5.3

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

generic_textual

HIGH

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

generic_textual

HIGH

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

cvssv3.1

7.5

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

generic_textual

HIGH

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

generic_textual

HIGH

http://www.securityfocus.com/archive/1/532549/100/0/threaded

generic_textual

HIGH

http://www.securityfocus.com/archive/1/534161/100/0/threaded

generic_textual

HIGH

http://www.securityfocus.com/bid/65400

generic_textual

HIGH

http://www.ubuntu.com/usn/USN-2130-1

generic_textual

HIGH

http://www.vmware.com/security/advisories/VMSA-2014-0007.html

generic_textual

HIGH

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

generic_textual

MODERATE

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Reference id	Reference type	URL
		http://advisories.mageia.org/MGASA-2014-0110.html
		http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html
		http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017
		http://jvn.jp/en/jp/JVN14876762/index.html
		http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E
		http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E
		http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E
		http://marc.info/?l=bugtraq&m=143136844732487&w=2
		http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html
		http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0050.html
		http://rhn.redhat.com/errata/RHSA-2014-0252.html
		http://rhn.redhat.com/errata/RHSA-2014-0253.html
		http://rhn.redhat.com/errata/RHSA-2014-0400.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json
		https://api.first.org/data/v1/epss?cve=CVE-2014-0050
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
		http://seclists.org/fulldisclosure/2014/Dec/23
		http://seclists.org/fulldisclosure/2014/Feb/41
		http://secunia.com/advisories/57915
		http://secunia.com/advisories/58075
		http://secunia.com/advisories/58976
		http://secunia.com/advisories/59039
		http://secunia.com/advisories/59041
		http://secunia.com/advisories/59183
		http://secunia.com/advisories/59184
		http://secunia.com/advisories/59185
		http://secunia.com/advisories/59187
		http://secunia.com/advisories/59232
		http://secunia.com/advisories/59399
		http://secunia.com/advisories/59492
		http://secunia.com/advisories/59500
		http://secunia.com/advisories/59725
		http://secunia.com/advisories/60475
		http://secunia.com/advisories/60753
		https://github.com/apache/commons-fileupload
		https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a
		https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
		https://security.gentoo.org/glsa/202107-39
		https://svn.apache.org/viewvc?view=revision&revision=1565143
		https://svn.apache.org/viewvc?view=revision&revision=1565163
		https://svn.apache.org/viewvc?view=revision&revision=1565169
		https://svn.apache.org/viewvc?view=rev&rev=1565163
		https://svn.apache.org/viewvc?view=rev&rev=1565169
		https://tomcat.apache.org/security-7.html
		https://tomcat.apache.org/security-8.html
		http://struts.apache.org/docs/s2-020.html
		https://ubuntu.com/security/notices/USN-2130-1
		http://svn.apache.org/r1565143
		http://svn.apache.org/viewvc?view=revision&revision=1565143
		https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050
		http://tomcat.apache.org/security-7.html
		http://tomcat.apache.org/security-8.html
		http://www-01.ibm.com/support/docview.wss?uid=swg21669554
		http://www-01.ibm.com/support/docview.wss?uid=swg21675432
		http://www-01.ibm.com/support/docview.wss?uid=swg21676091
		http://www-01.ibm.com/support/docview.wss?uid=swg21676092
		http://www-01.ibm.com/support/docview.wss?uid=swg21676401
		http://www-01.ibm.com/support/docview.wss?uid=swg21676403
		http://www-01.ibm.com/support/docview.wss?uid=swg21676405
		http://www-01.ibm.com/support/docview.wss?uid=swg21676410
		http://www-01.ibm.com/support/docview.wss?uid=swg21676656
		http://www-01.ibm.com/support/docview.wss?uid=swg21676853
		http://www-01.ibm.com/support/docview.wss?uid=swg21677691
		http://www-01.ibm.com/support/docview.wss?uid=swg21677724
		http://www-01.ibm.com/support/docview.wss?uid=swg21681214
		http://www.debian.org/security/2014/dsa-2856
		http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html
		http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html
		http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html
		http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm
		http://www.mandriva.com/security/advisories?name=MDVSA-2015:084
		http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
		http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
		http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
		http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
		http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
		http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
		http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
		http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
		http://www.securityfocus.com/archive/1/532549/100/0/threaded
		http://www.securityfocus.com/archive/1/534161/100/0/threaded
		http://www.securityfocus.com/bid/65400
		http://www.ubuntu.com/usn/USN-2130-1
		http://www.vmware.com/security/advisories/VMSA-2014-0007.html
		http://www.vmware.com/security/advisories/VMSA-2014-0008.html
		http://www.vmware.com/security/advisories/VMSA-2014-0012.html
1062337		https://bugzilla.redhat.com/show_bug.cgi?id=1062337
cpe:2.3:a:apache:commons_fileupload::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload::::::::
cpe:2.3:a:apache:commons_fileupload:1.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.0:::::::*
cpe:2.3:a:apache:commons_fileupload:1.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.1:::::::*
cpe:2.3:a:apache:commons_fileupload:1.1.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.1.1:::::::*
cpe:2.3:a:apache:commons_fileupload:1.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2:::::::*
cpe:2.3:a:apache:commons_fileupload:1.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2.1:::::::*
cpe:2.3:a:apache:commons_fileupload:1.2.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:::::::*
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta::::::
cpe:2.3:a:apache:tomcat:7.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:::::::*
cpe:2.3:a:apache:tomcat:7.0.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.11:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:::::::*
cpe:2.3:a:apache:tomcat:7.0.12:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:::::::*
cpe:2.3:a:apache:tomcat:7.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.13:::::::*
cpe:2.3:a:apache:tomcat:7.0.14:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.15:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.15:::::::*
cpe:2.3:a:apache:tomcat:7.0.16:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:::::::*
cpe:2.3:a:apache:tomcat:7.0.17:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.17:::::::*
cpe:2.3:a:apache:tomcat:7.0.18:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.18:::::::*
cpe:2.3:a:apache:tomcat:7.0.19:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.20:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:::::::*
cpe:2.3:a:apache:tomcat:7.0.21:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:::::::*
cpe:2.3:a:apache:tomcat:7.0.22:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:::::::*
cpe:2.3:a:apache:tomcat:7.0.23:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.23:::::::*
cpe:2.3:a:apache:tomcat:7.0.24:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.24:::::::*
cpe:2.3:a:apache:tomcat:7.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.25:::::::*
cpe:2.3:a:apache:tomcat:7.0.26:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.26:::::::*
cpe:2.3:a:apache:tomcat:7.0.27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.27:::::::*
cpe:2.3:a:apache:tomcat:7.0.28:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.28:::::::*
cpe:2.3:a:apache:tomcat:7.0.29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.29:::::::*
cpe:2.3:a:apache:tomcat:7.0.2:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:beta::::::
cpe:2.3:a:apache:tomcat:7.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:::::::*
cpe:2.3:a:apache:tomcat:7.0.30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.30:::::::*
cpe:2.3:a:apache:tomcat:7.0.31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.31:::::::*
cpe:2.3:a:apache:tomcat:7.0.32:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.32:::::::*
cpe:2.3:a:apache:tomcat:7.0.33:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.33:::::::*
cpe:2.3:a:apache:tomcat:7.0.34:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.34:::::::*
cpe:2.3:a:apache:tomcat:7.0.35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.35:::::::*
cpe:2.3:a:apache:tomcat:7.0.36:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.36:::::::*
cpe:2.3:a:apache:tomcat:7.0.37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.37:::::::*
cpe:2.3:a:apache:tomcat:7.0.38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.38:::::::*
cpe:2.3:a:apache:tomcat:7.0.39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.39:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:::::::*
cpe:2.3:a:apache:tomcat:7.0.40:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.40:::::::*
cpe:2.3:a:apache:tomcat:7.0.41:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.41:::::::*
cpe:2.3:a:apache:tomcat:7.0.42:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.43:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.43:::::::*
cpe:2.3:a:apache:tomcat:7.0.44:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.44:::::::*
cpe:2.3:a:apache:tomcat:7.0.45:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.45:::::::*
cpe:2.3:a:apache:tomcat:7.0.46:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.46:::::::*
cpe:2.3:a:apache:tomcat:7.0.47:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.47:::::::*
cpe:2.3:a:apache:tomcat:7.0.48:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.48:::::::*
cpe:2.3:a:apache:tomcat:7.0.49:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.49:::::::*
cpe:2.3:a:apache:tomcat:7.0.4:beta::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:beta::::::
cpe:2.3:a:apache:tomcat:7.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:::::::*
cpe:2.3:a:apache:tomcat:7.0.50:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.50:::::::*
cpe:2.3:a:apache:tomcat:7.0.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:::::::*
cpe:2.3:a:apache:tomcat:7.0.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.7:::::::*
cpe:2.3:a:apache:tomcat:7.0.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.8:::::::*
cpe:2.3:a:apache:tomcat:7.0.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.9:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc2::::::
cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
cpe:2.3:a:apache:tomcat:8.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.1:::::::*
cpe:2.3:a:oracle:retail_applications:12.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:12.0:::::::*
cpe:2.3:a:oracle:retail_applications:12.0in:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:12.0in:::::::*
cpe:2.3:a:oracle:retail_applications:13.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.0:::::::*
cpe:2.3:a:oracle:retail_applications:13.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.1:::::::*
cpe:2.3:a:oracle:retail_applications:13.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.2:::::::*
cpe:2.3:a:oracle:retail_applications:13.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.3:::::::*
cpe:2.3:a:oracle:retail_applications:13.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.4:::::::*
cpe:2.3:a:oracle:retail_applications:14.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:14.0:::::::*
CVE-2014-0050		https://nvd.nist.gov/vuln/detail/CVE-2014-0050
CVE-2014-0050;OSVDB-102945	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb
GHSA-xx68-jfcg-xmmf		https://github.com/advisories/GHSA-xx68-jfcg-xmmf
GLSA-201412-29		https://security.gentoo.org/glsa/201412-29
RHSA-2014:0252		https://access.redhat.com/errata/RHSA-2014:0252
RHSA-2014:0253		https://access.redhat.com/errata/RHSA-2014:0253
RHSA-2014:0373		https://access.redhat.com/errata/RHSA-2014:0373
RHSA-2014:0400		https://access.redhat.com/errata/RHSA-2014:0400
RHSA-2014:0401		https://access.redhat.com/errata/RHSA-2014:0401
RHSA-2014:0429		https://access.redhat.com/errata/RHSA-2014:0429
RHSA-2014:0452		https://access.redhat.com/errata/RHSA-2014:0452
RHSA-2014:0459		https://access.redhat.com/errata/RHSA-2014:0459
RHSA-2014:0473		https://access.redhat.com/errata/RHSA-2014:0473
RHSA-2014:0525		https://access.redhat.com/errata/RHSA-2014:0525
RHSA-2014:0526		https://access.redhat.com/errata/RHSA-2014:0526
RHSA-2014:0527		https://access.redhat.com/errata/RHSA-2014:0527
RHSA-2014:0528		https://access.redhat.com/errata/RHSA-2014:0528
USN-2130-1		https://usn.ubuntu.com/2130-1/

Reference id

Reference type

URL

http://advisories.mageia.org/MGASA-2014-0110.html

http://blog.spiderlabs.com/2014/02/cve-2014-0050-exploit-with-boundaries-loops-without-boundaries.html

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000017

http://jvn.jp/en/jp/JVN14876762/index.html

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907%40apache.org%3E

http://mail-archives.apache.org/mod_mbox/commons-dev/201402.mbox/%3C52F373FC.9030907@apache.org%3E

http://mail-archives.apache.org/mod_mbox/www-announce/201402.mbox/%3C52F373FC.9030907@apache.org%3E

http://marc.info/?l=bugtraq&m=143136844732487&w=2

http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html

http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0050.html

http://rhn.redhat.com/errata/RHSA-2014-0252.html

http://rhn.redhat.com/errata/RHSA-2014-0253.html

http://rhn.redhat.com/errata/RHSA-2014-0400.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json

https://api.first.org/data/v1/epss?cve=CVE-2014-0050

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

http://seclists.org/fulldisclosure/2014/Dec/23

http://seclists.org/fulldisclosure/2014/Feb/41

http://secunia.com/advisories/57915

http://secunia.com/advisories/58075

http://secunia.com/advisories/58976

http://secunia.com/advisories/59039

http://secunia.com/advisories/59041

http://secunia.com/advisories/59183

http://secunia.com/advisories/59184

http://secunia.com/advisories/59185

http://secunia.com/advisories/59187

http://secunia.com/advisories/59232

http://secunia.com/advisories/59399

http://secunia.com/advisories/59492

http://secunia.com/advisories/59500

http://secunia.com/advisories/59725

http://secunia.com/advisories/60475

http://secunia.com/advisories/60753

https://github.com/apache/commons-fileupload

https://github.com/apache/commons-fileupload/commit/c61ff05b3241cb14d989b67209e57aa71540417a

https://github.com/apache/tomcat/commit/29384723d8d9645b87e05be9fa369a4deeb78b9c

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

https://security.gentoo.org/glsa/202107-39

https://svn.apache.org/viewvc?view=revision&revision=1565143

https://svn.apache.org/viewvc?view=revision&revision=1565163

https://svn.apache.org/viewvc?view=revision&revision=1565169

https://svn.apache.org/viewvc?view=rev&rev=1565163

https://svn.apache.org/viewvc?view=rev&rev=1565169

https://tomcat.apache.org/security-7.html

https://tomcat.apache.org/security-8.html

http://struts.apache.org/docs/s2-020.html

https://ubuntu.com/security/notices/USN-2130-1

http://svn.apache.org/r1565143

http://svn.apache.org/viewvc?view=revision&revision=1565143

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0050

http://tomcat.apache.org/security-7.html

http://tomcat.apache.org/security-8.html

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

http://www-01.ibm.com/support/docview.wss?uid=swg21675432

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

http://www-01.ibm.com/support/docview.wss?uid=swg21676401

http://www-01.ibm.com/support/docview.wss?uid=swg21676403

http://www-01.ibm.com/support/docview.wss?uid=swg21676405

http://www-01.ibm.com/support/docview.wss?uid=swg21676410

http://www-01.ibm.com/support/docview.wss?uid=swg21676656

http://www-01.ibm.com/support/docview.wss?uid=swg21676853

http://www-01.ibm.com/support/docview.wss?uid=swg21677691

http://www-01.ibm.com/support/docview.wss?uid=swg21677724

http://www-01.ibm.com/support/docview.wss?uid=swg21681214

http://www.debian.org/security/2014/dsa-2856

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-015/index.html

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-016/index.html

http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-017/index.html

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm

http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.securityfocus.com/archive/1/532549/100/0/threaded

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/65400

http://www.ubuntu.com/usn/USN-2130-1

http://www.vmware.com/security/advisories/VMSA-2014-0007.html

http://www.vmware.com/security/advisories/VMSA-2014-0008.html

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

1062337

https://bugzilla.redhat.com/show_bug.cgi?id=1062337

cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:12.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:12.0in:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:12.0in:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:13.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:13.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_applications:14.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_applications:14.0:*:*:*:*:*:*:*

CVE-2014-0050

https://nvd.nist.gov/vuln/detail/CVE-2014-0050

CVE-2014-0050;OSVDB-102945

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/31615.rb

GHSA-xx68-jfcg-xmmf

https://github.com/advisories/GHSA-xx68-jfcg-xmmf

GLSA-201412-29

https://security.gentoo.org/glsa/201412-29

RHSA-2014:0252

https://access.redhat.com/errata/RHSA-2014:0252

RHSA-2014:0253

https://access.redhat.com/errata/RHSA-2014:0253

RHSA-2014:0373

https://access.redhat.com/errata/RHSA-2014:0373

RHSA-2014:0400

https://access.redhat.com/errata/RHSA-2014:0400

RHSA-2014:0401

https://access.redhat.com/errata/RHSA-2014:0401

RHSA-2014:0429

https://access.redhat.com/errata/RHSA-2014:0429

RHSA-2014:0452

https://access.redhat.com/errata/RHSA-2014:0452

RHSA-2014:0459

https://access.redhat.com/errata/RHSA-2014:0459

RHSA-2014:0473

https://access.redhat.com/errata/RHSA-2014:0473

RHSA-2014:0525

https://access.redhat.com/errata/RHSA-2014:0525

RHSA-2014:0526

https://access.redhat.com/errata/RHSA-2014:0526

RHSA-2014:0527

https://access.redhat.com/errata/RHSA-2014:0527

RHSA-2014:0528

https://access.redhat.com/errata/RHSA-2014:0528

USN-2130-1

https://usn.ubuntu.com/2130-1/

Data source	Exploit-DB
Date added	Feb. 12, 2014
Description	Apache Commons FileUpload and Apache Tomcat - Denial of Service
Ransomware campaign use	Known
Source publication date	Feb. 12, 2014
Exploit type	dos
Platform	multiple
Source update date	Feb. 12, 2014

Exploit-DB

Feb. 12, 2014

Apache Commons FileUpload and Apache Tomcat - Denial of Service

Known

Feb. 12, 2014

dos

multiple

Feb. 12, 2014

Data source	Metasploit
Description	This module triggers an infinite loop in Apache Commons FileUpload 1.0 through 1.3 via a specially crafted Content-Type header. Apache Tomcat 7 and Apache Tomcat 8 use a copy of FileUpload to handle mime-multipart requests, therefore, Apache Tomcat 7.0.0 through 7.0.50 and 8.0.0-RC1 through 8.0.1 are affected by this issue. Tomcat 6 also uses Commons FileUpload as part of the Manager application.
Note	Stability: - crash-service-down SideEffects: [] Reliability: []
Ransomware campaign use	Unknown
Source publication date	Feb. 6, 2014
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/apache_commons_fileupload_dos.rb

Metasploit

This module triggers an infinite loop in Apache Commons FileUpload 1.0 through 1.3 via a specially crafted Content-Type header. Apache Tomcat 7 and Apache Tomcat 8 use a copy of FileUpload to handle mime-multipart requests, therefore, Apache Tomcat 7.0.0 through 7.0.50 and 8.0.0-RC1 through 8.0.1 are affected by this issue. Tomcat 6 also uses Commons FileUpload as part of the Manager application.

Stability:
  - crash-service-down
SideEffects: []
Reliability: []

Unknown

Feb. 6, 2014

https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/apache_commons_fileupload_dos.rb

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/commons-fileupload

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2014-0050

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202107-39

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://tomcat.apache.org/security-7.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://tomcat.apache.org/security-8.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-7.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-8.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-qcms-zybq-aaap
Aliases	CVE-2014-0050 GHSA-xx68-jfcg-xmmf
Summary	High severity vulnerability that affects commons-fileupload:commons-fileupload
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-264	Permissions, Privileges, and Access Controls
CWE-20	Improper Input Validation
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Percentile	0.96277
EPSS Score	0.17105
Published At	Dec. 13, 2024, midnight