A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to system availability.
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
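The flaw described above is a length-validation failure in WebSocket frame parsing. As an added illustration (written for this page, not code from Apache Tomcat or Red Hat), the following Python parser reads RFC 6455 frame headers and rejects every payload length the specification forbids: a 64-bit length with its most significant bit set (which becomes negative if read as a signed value), non-minimal extended-length encodings, control frames longer than 125 bytes, and anything above a server-side limit. The `MAX_PAYLOAD` limit, the `FrameError` class and the sample frames are constructed for the example; the frame-walking loop shows that each iteration consumes at least the header, so a malformed length ends in a rejected connection rather than an endless loop.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed server-side cap for this example; a real server makes it configurable.
MAX_PAYLOAD = 1 << 20  # 1 MiB


class FrameError(ValueError):
    """Malformed frame header: the server should fail the connection (RFC 6455 7.1.7)."""


@dataclass
class FrameHeader:
    fin: bool
    opcode: int
    masked: bool
    payload_len: int
    header_len: int  # bytes consumed by the header, including extended length and mask key


def parse_frame_header(buf: bytes) -> FrameHeader:
    """Parse one RFC 6455 frame header from the start of buf, validating the length."""
    if len(buf) < 2:
        raise FrameError("need at least 2 header bytes")
    b0, b1 = buf[0], buf[1]
    fin = bool(b0 & 0x80)
    if b0 & 0x70:
        raise FrameError("RSV bits set without a negotiated extension")
    opcode = b0 & 0x0F
    masked = bool(b1 & 0x80)
    length = b1 & 0x7F
    pos = 2
    if length == 126:
        if len(buf) < pos + 2:
            raise FrameError("truncated 16-bit length")
        length = struct.unpack_from("!H", buf, pos)[0]
        pos += 2
        if length < 126:
            raise FrameError("non-minimal 16-bit length encoding")
    elif length == 127:
        if len(buf) < pos + 8:
            raise FrameError("truncated 64-bit length")
        # Read as an unsigned 64-bit integer; never as a signed long.
        length = struct.unpack_from("!Q", buf, pos)[0]
        pos += 8
        # RFC 6455 5.2: the most significant bit of the 64-bit length MUST be 0.
        if length & (1 << 63):
            raise FrameError("64-bit length has high bit set")
        if length < 65536:
            raise FrameError("non-minimal 64-bit length encoding")
    if length > MAX_PAYLOAD:
        raise FrameError(f"payload length {length} exceeds limit {MAX_PAYLOAD}")
    if opcode >= 0x8:  # control frames: close, ping, pong
        if length > 125:
            raise FrameError("control frame payload longer than 125 bytes")
        if not fin:
            raise FrameError("fragmented control frame")
    if masked:
        if len(buf) < pos + 4:
            raise FrameError("truncated masking key")
        pos += 4
    return FrameHeader(fin, opcode, masked, length, pos)


def validate_frame_header(buf: bytes) -> Optional[str]:
    """Return None for a well-formed header, otherwise the reason it was rejected."""
    try:
        parse_frame_header(buf)
    except FrameError as exc:
        return str(exc)
    return None


def split_frames(stream: bytes) -> List[Tuple[int, bytes]]:
    """Walk a byte stream of complete frames, returning (opcode, unmasked payload) pairs."""
    frames = []
    pos = 0
    while pos < len(stream):
        hdr = parse_frame_header(stream[pos:])
        end = pos + hdr.header_len + hdr.payload_len
        if end > len(stream):
            raise FrameError("truncated payload")
        payload = stream[pos + hdr.header_len:end]
        if hdr.masked:
            key = stream[pos + hdr.header_len - 4:pos + hdr.header_len]
            payload = bytes(b ^ key[i % 4] for i, b in enumerate(payload))
        frames.append((hdr.opcode, payload))
        # header_len is at least 2, so pos strictly advances on every iteration.
        pos = end
    return frames


if __name__ == "__main__":
    # Constructed frames: an unmasked text frame "hi" and a 126-byte binary frame.
    good = b"\x81\x02hi" + b"\x82\x7e\x00\x7e" + b"A" * 126
    print(split_frames(good))
    # Constructed bad frame: 64-bit length with the high bit set.
    print(validate_frame_header(b"\x82\x7f" + b"\xff" * 8))
```

Rejecting the frame and closing the connection is the correct response to any of these errors; a parser that instead tries to skip or re-read the frame has no reliable way to resynchronise with the stream.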
mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E
tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7
tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105
tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57
tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37
bugzilla.redhat.com/show_bug.cgi?id=1857024
nvd.nist.gov/vuln/detail/CVE-2020-13935
www.cve.org/CVERecord?id=CVE-2020-13935