Vulnerability identifier: #VU7518
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
Vendor: Apache Foundation
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the targeted system.
The weakness exists due to use-after-free condition in the mod_http2 function. A remote attacker can trigger memory corruption and cause the server to crash.
Successful exploitation of the vulnerability results in denial of service.
Update to version 2.4.27.
Vulnerable software versions
Apache HTTP Server: 2.4.26
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?