CVE-2020-13935

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.27 through 7.0.104 Apache Tomcat versions 8.5.0 through 8.5.56 Apache Tomcat versions 9.0.0.M1 through 9.0.36 Apache Tomcat versions 10.0.0-M1 through 10.0.0-M6

Description: The issue is related to the execution of a loop with an unavailable exit condition in the Apache Tomcat server. This can be exploited by a remote attacker to cause a denial of service. The problem lies in the incorrect validation of the payload length in a WebSocket frame, which can trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.

Recommendations: For Apache Tomcat versions 7.0.27 through 7.0.104, update to a version that correctly validates the payload length in WebSocket frames. For Apache Tomcat versions 8.5.0 through 8.5.56, update to a version that correctly validates the payload length in WebSocket frames. For Apache Tomcat versions 9.0.0.M1 through 9.0.36, update to a version that correctly validates the payload length in WebSocket frames. For Apache Tomcat versions 10.0.0-M1 through 10.0.0-M6, update to a version that correctly validates the payload length in WebSocket frames. As a temporary workaround, consider restricting access to the WebSocket functionality until a patch is available.