Description
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2010-4420 Vulnerability (CVE-2010-4420)
WordPress Plugin SendPress Newsletters Cross-Site Scripting (1.20.7.10)
osTicket Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-24881)
WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.23)
Joomla Improper Input Validation Vulnerability (CVE-2006-4466)