Description
Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.
Remediation
References
Related Vulnerabilities
Moodle CVE-2021-40695 Vulnerability (CVE-2021-40695)
WordPress Plugin Lana Email Logger Cross-Site Scripting (1.0.2)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-2750)
MongoDb Improper Input Validation Vulnerability (CVE-2018-20804)
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31986)