When using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading the response an infinite loop is entered leading to a denial of service. Tomcat versions 6.0.0 through 6.0.35 and 7.0.0 through 7.0.27 are affected.
6afeb9d776681b81c074822aa40b6c5c5f366a02d179b63da64bea40dbcc6900