The recommendations in the guideline CON13-J. Ensure that threads are properly terminated are insufficient to terminate a thread that is blocked on an operation involving network or file input-output (IO). Threads and tasks should provide callers with an explicit termination mechanism to prevent denial-of-service vulnerabilities.
...
This noncompliant code example uses a volatile done flag to indicate that it is safe to shut down the thread, as suggested in CON13-J. Ensure that threads are properly terminated. However, setting the flag does not terminate the thread because the thread is blocked on network IO as a consequence of using the readLine() method.
...
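The behaviour described above, reproduced as an added Java example that is not the guideline's own code: a reader blocked in readLine() ignores the volatile done flag, and one way to give callers an explicit termination mechanism is to close the socket the thread is reading from. The class name BlockedReaderDemo, the methods requestStop() and shutdown(), and the silent loopback peer are assumptions made for this illustration.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;

// Added illustration; class and method names are hypothetical.
public class BlockedReaderDemo implements Runnable {
    private final Socket socket;
    private volatile boolean done = false;

    BlockedReaderDemo(Socket socket) { this.socket = socket; }

    @Override public void run() {
        try (BufferedReader in = new BufferedReader(
                new InputStreamReader(socket.getInputStream()))) {
            while (!done) {
                if (in.readLine() == null) break;  // blocks until data, EOF, or socket close
            }
        } catch (IOException e) {
            // Reached when shutdown() closes the socket under the blocked read.
        }
    }

    // Flag only: never re-checked while the thread is parked inside readLine().
    void requestStop() { done = true; }

    // Explicit termination: closing the socket makes the blocked read throw SocketException.
    void shutdown() throws IOException { done = true; socket.close(); }

    public static void main(String[] args) throws Exception {
        // Constructed peer: a loopback server that accepts the connection and never writes.
        try (ServerSocket server = new ServerSocket(0, 1, InetAddress.getLoopbackAddress());
             Socket client = new Socket(server.getInetAddress(), server.getLocalPort());
             Socket silentPeer = server.accept()) {
            BlockedReaderDemo reader = new BlockedReaderDemo(client);
            Thread t = new Thread(reader);
            t.start();
            Thread.sleep(200);                     // let the thread enter readLine()
            reader.requestStop();
            t.join(500);
            System.out.println("alive after flag only: " + t.isAlive());
            reader.shutdown();
            t.join(500);
            System.out.println("alive after socket close: " + t.isAlive());
        }
    }
}
```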