CVE-2021-26691: mod_session response handling heap overflow
Severity: low Vendor: The Apache Software Foundation Versions Affected: httpd 2.4.0 to 2.4.46 Description: Apache HTTP Server 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow Mitigation: None Credit: Discovered internally by Christophe Jaillet References: https://httpd.apache.org/security/vulnerabilities_24.html