Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of Service Vulnerability
Medium Nessus Plugin ID 122447
SynopsisThe remote Apache Tomcat server is affected by a denial of service vulnerability
DescriptionA denial of service (DoS) vulnerability exists in Apache Tomcat, in versions between 9.0.0.M1 and 9.0.7 (inclusive), due to improper overflow handling in the UTF-8 decoder component. An unauthenticated, remote attacker can exploit this issue, to cause the application to stop responding.
SolutionUpgrade to Apache Tomcat version 9.0.8 or later.