Apache HTTP Server is vulnerable to a denial of service, caused by a flaw when the server tries to HTTP/2 PUSH a resource afterwards. By using a specially-crafted value for the “Cache-Digest” header, a remote attacker could exploit this vulnerability to cause the application to crash.
Denial of Service
Apache HTTP Server
Upgrade to the latest version of Apache HTTP Server (2.4.44 or later).