Search for vulnerabilities
Vulnerability details: VCID-ydf8-pggr-h3bt
Vulnerability ID VCID-ydf8-pggr-h3bt
Aliases CVE-2014-0230
GHSA-pxcx-cxq8-4mmw
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-400 Uncontrolled Resource Consumption
CWE-770 Allocation of Resources Without Limits or Throttling
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-399 Resource Management Errors
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual HIGH http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
generic_textual HIGH http://marc.info/?l=bugtraq&m=144498216801440&w=2
generic_textual HIGH http://marc.info/?l=bugtraq&m=145974991225029&w=2
generic_textual HIGH http://openwall.com/lists/oss-security/2015/04/10/1
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2015-1622.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2016-0595.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2016-0596.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2016-0597.html
generic_textual HIGH http://rhn.redhat.com/errata/RHSA-2016-0598.html
generic_textual HIGH https://access.redhat.com/errata/RHSA-2015:2659
generic_textual HIGH https://access.redhat.com/errata/RHSA-2015:2660
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.06351 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
epss 0.0794 https://api.first.org/data/v1/epss?cve=CVE-2014-0230
apache_tomcat Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-pxcx-cxq8-4mmw
generic_textual HIGH https://github.com/apache/tomcat
generic_textual HIGH https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba
generic_textual HIGH https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51
generic_textual HIGH https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
generic_textual HIGH https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb
generic_textual HIGH https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5
generic_textual HIGH https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303
generic_textual HIGH https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16
generic_textual HIGH https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2
generic_textual HIGH https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
generic_textual HIGH https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
generic_textual HIGH https://issues.jboss.org/browse/JWS-219
generic_textual HIGH https://issues.jboss.org/browse/JWS-220
generic_textual HIGH https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2014-0230
generic_textual HIGH http://svn.apache.org/viewvc?view=revision&revision=1603770
generic_textual HIGH http://svn.apache.org/viewvc?view=revision&revision=1603775
generic_textual HIGH http://svn.apache.org/viewvc?view=revision&revision=1603779
generic_textual HIGH http://tomcat.apache.org/security-6.html
generic_textual HIGH http://tomcat.apache.org/security-7.html
generic_textual HIGH http://tomcat.apache.org/security-8.html
generic_textual HIGH http://www.debian.org/security/2016/dsa-3447
generic_textual HIGH http://www.debian.org/security/2016/dsa-3530
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
generic_textual HIGH http://www.ubuntu.com/usn/USN-2654-1
generic_textual HIGH http://www.ubuntu.com/usn/USN-2655-1
Reference id Reference type URL
http://mail-archives.apache.org/mod_mbox/tomcat-announce/201505.mbox/%3C554949D1.8030904%40apache.org%3E
http://marc.info/?l=bugtraq&m=144498216801440&w=2
http://marc.info/?l=bugtraq&m=145974991225029&w=2
http://openwall.com/lists/oss-security/2015/04/10/1
http://rhn.redhat.com/errata/RHSA-2015-1622.html
http://rhn.redhat.com/errata/RHSA-2016-0595.html
http://rhn.redhat.com/errata/RHSA-2016-0596.html
http://rhn.redhat.com/errata/RHSA-2016-0597.html
http://rhn.redhat.com/errata/RHSA-2016-0598.html
https://access.redhat.com/errata/RHSA-2015:2659
https://access.redhat.com/errata/RHSA-2015:2660
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json
https://api.first.org/data/v1/epss?cve=CVE-2014-0230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
https://github.com/apache/tomcat
https://github.com/apache/tomcat70/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
https://github.com/apache/tomcat/commit/6b2cfacf749be186ea77249a979af1d4863e47ba
https://github.com/apache/tomcat/commit/812088583d0e60717a8fe9c6d14e12bcdc3e6c51
https://github.com/apache/tomcat/commit/b1c8477e3e3ee635d19cc4d5987c2b157431e0c1
https://github.com/apache/tomcat/commit/c1357e649641844109711d60cacb98e4b5fcd3cb
https://github.com/apache/tomcat/commit/e28dd578fad90a6d5726ec34f3245c9f99d909a5
https://github.com/apache/tomcat/commit/e3146f4b03a2386c3e57597e86134d4ed5c31303
https://github.com/apache/tomcat/commit/fc049912464f0dcf9dede3761f38049369057e16
https://github.com/apache/tomcat/commit/fdd9f11dc24b95e5425076abb58e968336f320a2
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
https://issues.jboss.org/browse/JWS-219
https://issues.jboss.org/browse/JWS-220
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2014-0230
https://svn.apache.org/viewvc?view=rev&rev=1603770
https://svn.apache.org/viewvc?view=rev&rev=1603775
https://svn.apache.org/viewvc?view=rev&rev=1603779
https://svn.apache.org/viewvc?view=rev&rev=1603781
https://svn.apache.org/viewvc?view=rev&rev=1603811
https://svn.apache.org/viewvc?view=rev&rev=1609175
https://svn.apache.org/viewvc?view=rev&rev=1609176
https://svn.apache.org/viewvc?view=rev&rev=1659294
https://svn.apache.org/viewvc?view=rev&rev=1659295
https://svn.apache.org/viewvc?view=rev&rev=1659537
http://svn.apache.org/viewvc?view=revision&revision=1603770
http://svn.apache.org/viewvc?view=revision&revision=1603775
http://svn.apache.org/viewvc?view=revision&revision=1603779
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://tomcat.apache.org/security-8.html
http://www.debian.org/security/2016/dsa-3447
http://www.debian.org/security/2016/dsa-3530
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.ubuntu.com/usn/USN-2654-1
http://www.ubuntu.com/usn/USN-2655-1
1191200 https://bugzilla.redhat.com/show_bug.cgi?id=1191200
GHSA-pxcx-cxq8-4mmw https://github.com/advisories/GHSA-pxcx-cxq8-4mmw
RHSA-2015:1621 https://access.redhat.com/errata/RHSA-2015:1621
RHSA-2015:1622 https://access.redhat.com/errata/RHSA-2015:1622
RHSA-2015:2661 https://access.redhat.com/errata/RHSA-2015:2661
RHSA-2016:0595 https://access.redhat.com/errata/RHSA-2016:0595
RHSA-2016:0596 https://access.redhat.com/errata/RHSA-2016:0596
RHSA-2016:0597 https://access.redhat.com/errata/RHSA-2016:0597
RHSA-2016:0598 https://access.redhat.com/errata/RHSA-2016:0598
RHSA-2016:0599 https://access.redhat.com/errata/RHSA-2016:0599
RHSA-2016:2599 https://access.redhat.com/errata/RHSA-2016:2599
USN-2654-1 https://usn.ubuntu.com/2654-1/
USN-2655-1 https://usn.ubuntu.com/2655-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.90536
EPSS Score 0.06351
Published At July 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T11:55:19.584599+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 36.1.3