Description
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Remediation
References
Related Vulnerabilities
WordPress Plugin MailChimp List Subscribe Form Multiple Unspecified Vulnerabilities (1.1)
PHP NULL Pointer Dereference Vulnerability (CVE-2016-6292)
WordPress Plugin MiniCart SQL Injection (1.00.1)
WordPress Plugin Circles Gallery Cross-Site Scripting (1.0.10)
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8164)