Administrators of servers running Apache have to update their installs immediately to fix multiple vulnerabilities disclosed by a Google researcher. Apache Foundation released the 2.4.46 version to address three flaws affecting its web server software that could be potentially exploited by attackers, under specific conditions, to execute arbitrary code or to trigger a DoS condition by crashing the server. The most severe flaw, tracked as CVE-2020-9490, resides in the HTTP/2 module. Administrators are recommended to patch their installations immediately.”]
Source: https://securityaffairs.co/wordpress/107499/security/apache-web-server-flaws.html