OVAL

DSA-4757-1 apache2 -- apache2

ID: oval:org.secpod.oval:def:605004
Date: (C)2020-09-01   (M)2023-12-20
Class: PATCH
Family: unix




Several vulnerabilities have been found in the Apache HTTPD server.

CVE-2020-1927: Fabrice Perez reported that certain mod_rewrite configurations are prone to an open redirect.

CVE-2020-1934: Chamal De Silva discovered that the mod_proxy_ftp module uses uninitialized memory when proxying to a malicious FTP backend.

CVE-2020-9490: Felix Wilhelm discovered that a specially crafted value for the "Cache-Digest" header in an HTTP/2 request could cause a crash when the server actually tries to HTTP/2 PUSH a resource afterwards.

CVE-2020-11984: Felix Wilhelm reported a buffer overflow flaw in the mod_proxy_uwsgi module which could result in information disclosure or potentially remote code execution.

CVE-2020-11993: Felix Wilhelm reported that when trace/debug was enabled for the HTTP/2 module, certain traffic edge patterns can cause logging statements on the wrong connection, causing concurrent use of memory pools.

Platform:
Debian 10.x
Product:
libapache2-mod-md
apache2
libapache2-mod-proxy-uwsgi
Reference:
DSA-4757-1
CVE-2020-1927
CVE-2020-1934
CVE-2020-9490
CVE-2020-11984
CVE-2020-11993

© SecPod Technologies