CVE-2014-0095

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions prior to 8.0.4

Description The issue allows remote attackers to cause a denial of service by consuming threads, leading to a hang in request processing. This is achieved by using an AJP request with a "Content-Length: 0" header.

Recommendations For versions prior to 8.0.4, update to version 8.0.4 or later to resolve the issue. As a temporary workaround, consider restricting AJP requests with a "Content-Length: 0" header to minimize the risk of exploitation.