Security Advisory

CVE-2016-6817

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-08-10 22:00:00

Last updated 2024-10-15 19:01:10

Assigner apache

State PUBLISHED

Description

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.

← Browse all CVEs View on cve.org ↗