Description
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
Remediation
References
Related Vulnerabilities
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)
WordPress Plugin BAVOKO SEO Tools-All-in-One WordPress SEO Security Bypass (2.1.9.7)
WordPress Plugin Poll Maker SQL Injection (3.4.1)
Joomla! Core 1.6.x Cross-Site Scripting (1.6.0 - 1.6.3)
WordPress Plugin PayGreen-Ancienne version Cross-Site Request Forgery (4.10.2)