Vulnerability	Vulnerable Version
H Allocation of Resources Without Limits or Throttling org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via HTTP/2 multiplexing feature. an attacker can trigger resource exhaustion by creating excessive HTTP/2 streams within a single TCP connection. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `org.apache.tomcat:tomcat-coyote` to version 9.0.107, 10.1.43, 11.0.9 or higher.	[9.0.0.M1,9.0.107)[10.1.0-M1,10.1.43)[11.0.0-M1,11.0.9)

Allocation of Resources Without Limits or Throttling

org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser.

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via HTTP/2 multiplexing feature. an attacker can trigger resource exhaustion by creating excessive HTTP/2 streams within a single TCP connection.

How to fix Allocation of Resources Without Limits or Throttling?

Upgrade org.apache.tomcat:tomcat-coyote to version 9.0.107, 10.1.43, 11.0.9 or higher.

[9.0.0.M1,9.0.107)[10.1.0-M1,10.1.43)[11.0.0-M1,11.0.9)

Go back to all versions of this package