Description

In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.

Remediation

References

CVE-2019-10082

Related Vulnerabilities

WordPress Plugin CSV Import Cross-Site Scripting (1.0)

WordPress Plugin Simple Download Button Shortcode 'file' Parameter Information Disclosure (1.0)

WordPress Plugin SecureMoz Security Audit PHP Object Injection (1.0.5)

WordPress Plugin Simple Business Directory with Maps PHP Object Injection (3.6.0)

MySQL CVE-2020-2804 Vulnerability (CVE-2020-2804)

Severity

Critical

Classification

CVE-2019-10082 CWE-416 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Tags

Missing Update Known Vulnerabilities