Description
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
Remediation
References
Related Vulnerabilities
Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149)
WordPress Plugin Relocate Upload 'abspath' Parameter Remote File Include (0.14)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0195)
WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.20)
WordPress Plugin Super Interactive Maps for WordPress SQL Injection (2.1)