Description
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Remediation
References
Related Vulnerabilities
WordPress Plugin Blog social sharing component Cross-Site Request Forgery (1.4.5)
WordPress Plugin MailPoet Newsletters (Previous) 'swfupload.swf' Cross-Site Scripting (2.1.6)
Oracle Database Server CVE-2011-0877 Vulnerability (CVE-2011-0877)
WebLogic CVE-2020-2801 Vulnerability (CVE-2020-2801)
WordPress Plugin WordPress File Upload Cross-Site Request Forgery (2.4.1)