A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.
This issue affects Apache HTTP Server 2.4.54 and earlier.
[
{
"vendor": "Apache Software Foundation",
"product": "Apache HTTP Server",
"versions": [
{
"status": "affected",
"version": "2.4",
"versionType": "semver",
"lessThanOrEqual": "2.4.54"
}
],
"defaultStatus": "unaffected"
}
]