Description
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Information Disclosure (3.6.0 - 3.9.12)
WordPress Plugin WP-StarsRateBox 'j' Parameter SQL Injection (1.1)
IBM WebSEAL Inadequate Encryption Strength Vulnerability (CVE-2018-1814)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9015)
MediaWiki Insecure Storage of Sensitive Information Vulnerability (CVE-2021-36127)