Description
The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows remote attackers to cause a denial of service (worker consumption) via an expensive request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Windows Desktop and iPhone Photo Uploader Arbitrary File Upload (1.8)
Moodle Other Vulnerability (CVE-2015-3272)
Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-0363)
Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)