CVE-2020-35452 log

Severity Low
Remote Yes
Type Arbitrary code execution
In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow.
Group Package Affected Fixed Severity Status Ticket
AVG-2053 apache 2.4.46-3 2.4.47-1 Medium Fixed