Description
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
Remediation
References
Related Vulnerabilities
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4614)
Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892)
WordPress Plugin Live Chat for Fanpage Cross-Site Scripting (2.0.1)
WordPress Plugin Plugin:Newsletter 'data' Parameter Information Disclosure (1.5)
WordPress Plugin aoringo TAG upper Cross-Site Scripting (0.1.6)