Description
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Super Cache Remote Code Execution (1.7.1)
WordPress Plugin SupportCandy Arbitrary File Upload (2.0.0)
OpenSSL Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2019-1559)
Magento Improper Authorization Vulnerability (CVE-2020-24402)
WordPress Plugin Super Logos Showcase for WordPress Arbitrary File Upload (2.2)