It was discovered that sending requests containing large headers to the Web Console produced a Java OutOfMemoryError in the HTTP management interface. An attacker could use this flaw to cause a denial of service.
http://www.securitytracker.com/id/1033859
http://rhn.redhat.com/errata/RHSA-2015-1905.html
http://rhn.redhat.com/errata/RHSA-2015-1906.html
https://bugzilla.redhat.com/show_bug.cgi?id=1255597
http://rhn.redhat.com/errata/RHSA-2015-1907.html
http://rhn.redhat.com/errata/RHSA-2015-1908.html
http://rhn.redhat.com/errata/RHSA-2015-1904.html
http://rhn.redhat.com/errata/RHSA-2016-1519.html
https://access.redhat.com/security/cve/CVE-2015-5220
https://access.redhat.com/errata/RHSA-2015:1907
https://access.redhat.com/errata/RHSA-2015:1906
https://access.redhat.com/errata/RHSA-2015:1905