Description
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
Remediation
References
Related Vulnerabilities
WordPress Plugin GiveWP-Donation and Fundraising Platform Security Bypass (2.5.9)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3848)
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)
WordPress Plugin Crowd Ideas Cross-Site Scripting (1.0)
PHP Resource Management Errors Vulnerability (CVE-2011-3267)