Description
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
Remediation
References
Related Vulnerabilities
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)
WordPress Plugin Booster for WooCommerce Security Bypass (5.4.3)
Magento Incorrect Authorization Vulnerability (CVE-2020-9587)
WordPress Plugin Passster-Password Protection Security Bypass (3.5.5.8)
WordPress Plugin Embed Articles Multiple Vulnerabilities (7.0.3)