PT-2016-3336 · Apache+2 · Apache Http Server+2

Published 2016-11-18 · Updated 2021-06-06 · CVE-2017-7659

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Apache HTTP Server versions 2.4.24 through 2.4.25

Description

The mod_http2 module in Apache HTTP Server incorrectly handles maliciously constructed HTTP/2 requests. Such a request can crash the server process through a NULL pointer dereference, potentially leading to a denial of service. The issue can be exploited by a remote attacker.

Recommendations

For versions 2.4.24 and 2.4.25, consider disabling the mod_http2 module as a temporary workaround until a patch is available. Restrict access to the server to minimize the risk of exploitation.

Exploit

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALT-PU-2017-1783
BDU:2021-01393
CVE-2017-7659
DSA-3896-1
RHSA-2017:2483
SUSE-SU-2018:0261-1
SUSE-SU-2018_0261-1

Affected Products

Alt Linux
Apache Http Server
Suse