Description
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-1557 Vulnerability (CVE-2013-1557)
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)
WordPress Plugin Classified Listing Pro & Directory Cross-Site Scripting (2.0.19)
WordPress Plugin User Role Editor Cross-Site Request Forgery (3.12)
WordPress Plugin Scoutnet Kalender Cross-Site Scripting (1.1.0)