In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted SessionHeader sent by an origin server could cause a heap overflow.
In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted SessionHeader sent by an origin server could cause a heap overflow.
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691