OVAL

ALAS2-2022-1783 --- httpd

ID: oval:org.secpod.oval:def:1700890
Date: (C)2022-05-04   (M)2024-01-29
Class: PATCH
Family: unix




A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat of this vulnerability is availability.

A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling.

A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.

An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.

Platform:
Amazon Linux 2
Product:
httpd
mod_ssl
mod_md
mod_proxy_html
mod_ldap
mod_session
Reference:
ALAS2-2022-1783
CVE-2022-22719
CVE-2022-22720
CVE-2022-22721
CVE-2022-23943
CPE    7
cpe:/a:apache:http_server
cpe:/a:apache:mod_proxy_html
cpe:/a:apache:mod_session
cpe:/o:amazon:linux:2
...

© SecPod Technologies