Description
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Checkout Manager Multiple Unspecified Vulnerabilities (3.6.9)
Joomla Missing Authentication for Critical Function Vulnerability (CVE-2019-10946)
Oracle JRE CVE-2013-2455 Vulnerability (CVE-2013-2455)
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)
Apache HTTP Server Numeric Errors Vulnerability (CVE-2006-3747)