Apache Tomcat versions 10.1 and below suffer from a denial of service vulnerability.
a1d6b32f0ad7544172f66fe93eec6839e7bd069f5efe9495b988da45220b7b67
Debian Linux Security Advisory 5265-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
edab69c62383a48d7848a4c6c8e38c4841b36fed01d7622dfb98f1e6bc7d88b4