Description
The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger a missing hostname value.
Remediation
References
Related Vulnerabilities
Liferay DXP Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
TYPO3 Improper Input Validation Vulnerability (CVE-2013-7079)
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)