Improper Input Validation in maven/org.apache.tomcat/tomcat
Improper Input Validation
Apache Tomcat to to to did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
All versions starting from 8.5.0 before 8.5.64, all versions starting from 9.0.0 before 9.0.44, all versions starting from 10.0.0 up to 10.0.2
Upgrade to versions 8.5.64, 9.0.44, 10.0.4 or above.