org.apache.mina:mina-http is vulnerable to denial of service(DoS) attack. An attacker is able to trigger DoS when a specifically crafted malformed HTTP request is sent to the HTTP Header decoder to loop indefinitely.
www.openwall.com/lists/oss-security/2021/11/01/2
www.openwall.com/lists/oss-security/2021/11/01/8
github.com/apache/mina/commit/7dc266ac9a74f50669039c10be3d2defa2ac8b58
lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E
www.openwall.com/lists/oss-security/2021/11/01/2
www.openwall.com/lists/oss-security/2021/11/01/8
www.oracle.com/security-alerts/cpuapr2022.html