CVE-2020-11996
maven/org.apache.tomcat/coyote
Uncontrolled Resource Consumption
A specially crafted sequence of HTTP/2
requests sent to Apache Tomcat could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2
connections, the server could become unresponsive.
All versions starting from 8.5.0 up to 8.5.55, all versions starting from 9.0.0 up to 9.0.36
Upgrade to versions 8.5.56, 9.0.36 or above.
2020-07-03
source |