java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-05-31T10:00:00

Updated: 2024-08-06T09:05:38.232Z

Reserved: 2013-12-03T00:00:00

Link: CVE-2014-0095

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-05-31T11:17:13.157

Modified: 2024-11-21T02:01:20.953

Link: CVE-2014-0095

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-05-30T00:00:00Z

Links: CVE-2014-0095 - Bugzilla