GHSA-pqr5-9v2j-44xg, CVE-2002-2272
maven/org.apache.tomcat/tomcat
Improper Restriction of Operations within the Bounds of a Memory Buffer
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
All versions starting from 4.0.0 up to 4.1.12
Unfortunately, there is no solution available yet.
2024-02-13
source |