An unspecified vulnerability was found in Apache HTTP Server 2.4.17 through 2.4.23. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via crafted continuation frames in a HTTP/2 request.
Apache HTTP Server from 2.4.17 to 2.4.23
For a 2.4.23 version a patch is supplied. This will be included in the next release.
Security Advisory – Apache Software Foundation