Description
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Remediation
References
Related Vulnerabilities
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)
WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)
GeoServer CVE-2023-35042 Vulnerability (CVE-2023-35042)
PHP Other Vulnerability (CVE-2015-4600)
WordPress Plugin WordPress File Upload Arbitrary File Upload (3.4.0)