Description
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.
Remediation
References
Related Vulnerabilities
Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)
WordPress Plugin BSK PDF Manager SQL Injection (3.1.1)
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
MySQL CVE-2012-0488 Vulnerability (CVE-2012-0488)
WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)