Apache 2.4.10 < 2.4.44 Source Code Disclosure

Due to a lack of control over an Apache error when using php-cgi and ModSecurity, it is possible for an attacker to obtain the source code of requested page in the error response via a specially crafted request containing the Content-Length header with an incorrect value. No source data...