Ozaki

Researcher from North Grid Corporation
#30569 of 53,633
8.6 Total CVSS
Vulnerabilities · 1
PT-2024-6592
8.6
2024-06-19
Apache · Apache Tomcat · CVE-2024-38286
**Name of the Vulnerable Software and Affected Versions:** Apache Tomcat versions 9.0.13 through 9.0.89, 10.1.0-M1 through 10.1.24, and 11.0.0-M1 through 11.0.0-M20. Older, End-of-Life (EOL) versions including 7.0.92 through 7.0.109 and 8.5.35 through 8.5.100 are also affected.

**Description:** A vulnerability exists in Apache Tomcat that allows an attacker to cause a denial-of-service (DoS) condition by abusing the TLS handshake process, potentially leading to an OutOfMemoryError. This issue occurs under certain configurations on any platform.

**Recommendations:** Apache Tomcat versions prior to 11.0.0-M21 are affected. Upgrade to version 11.0.0-M21 or later. Apache Tomcat versions prior to 10.1.25 are affected. Upgrade to version 10.1.25 or later. Apache Tomcat versions prior to 9.0.90 are affected. Upgrade to version 9.0.90 or later.