CVE List


Critical 7.5

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier.

Published January 17, 2023.

Affected software

Get alerts for Apache HTTP Server

Reference links