Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.