Description
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
Remediation
References
Related Vulnerabilities
PostgreSQL Improper Authentication Vulnerability (CVE-2009-3231)
WordPress Improper Input Validation Vulnerability (CVE-2013-4339)
WordPress Plugin Custom Post Type Relations Cross-Site Scripting (1.0)
Atlassian Jira Missing Authorization Vulnerability (CVE-2020-14185)
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)