CVE-2020-11996: Uncontrolled Resource Consumption
(updated )
A specially crafted sequence of HTTP/2
requests sent to Apache Tomcat could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2
connections, the server could become unresponsive.
References
Detect and mitigate CVE-2020-11996 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →