CVE-2020-13934 log

Severity High
Remote Yes
Type Denial of service
An issue has been found in Apache Tomcat before 8.5.57 and before 9.0.37, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-1205 tomcat9 9.0.35-1 9.0.37-1 High Fixed
AVG-1204 tomcat8 8.5.56-1 8.5.57-1 High Fixed