Description
Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, compute hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
Remediation
References