Description
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Remediation
References
Related Vulnerabilities
WordPress Plugin CM Pop-Up banners for WordPress SQL Injection (1.5.10)
PostgreSQL Numeric Errors Vulnerability (CVE-2007-4769)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14831)
MySQL CVE-2017-3529 Vulnerability (CVE-2017-3529)
WordPress Plugin Simple Backup Arbitrary File Download (2.7.10)