Apache Httpd CVE-2016-8740 Input Validation Bypass Vulnerability
Description
The HTTP/2 protocol implementation (mod_http2) had an incomplete handling of theLimitRequestFieldsdirective. This allowed an attacker to inject unlimited request headers into the server, leading to eventual memory exhaustion.
Affected Applications
Apache Httpd