A vulnerability was found in Apache HTTP Server 2.4.17 to...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Description
Published by the National Vulnerability Database
Jun 11, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Jan 28, 2023
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.
References