Description
The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.
Remediation
References
Related Vulnerabilities
Three.js Uncontrolled Resource Consumption Vulnerability (CVE-2020-28496)
Apache Tomcat Other Vulnerability (CVE-2003-0866)
WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)
WordPress Plugin SocialGrid 'default_services' Parameter Cross-Site Scripting (2.3)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (4.0.3)