CVE-2012-0022

Priority
Description
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23
uses an inefficient approach for handling parameters, which allows remote
attackers to cause a denial of service (CPU consumption) via a request that
contains many parameters and parameter values, a different vulnerability
than CVE-2011-4858.
Notes
 mdeslaur> upstream bug says last commit isn't in 6.0.35.
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Package
Upstream:released (7.0.23)
More Information

Updated: 2019-03-19 12:02:19 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)