Skip to main content

Numeric Errors


Severity Medium
Score 5/10


Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

  • LOW
  • NONE
  • NONE
  • NONE

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

Advisory Timeline

  • Published