Description
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting (3.7.2)
Oracle JRE CVE-2022-21282 Vulnerability (CVE-2022-21282)
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935)
Oracle Database Server CVE-2006-3703 Vulnerability (CVE-2006-3703)