Description
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Delete Duplicate Posts Security Bypass (4.1.9.4)
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2023-35941)
WordPress Plugin Yahoo! Updates for WordPress Multiple Cross-Site Scripting Vulnerabilities (1.0)
PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)