Description
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Remediation
References
Related Vulnerabilities
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293)
WordPress Plugin Tweet Wheel Spam (0.3)
WordPress Plugin User Role Editor Security Bypass (4.24)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-1686)
WordPress Plugin IzeeChat-Live Chat Cross-Site Scripting (1.0)