Debian Linux Security Advisory 4541-1 - Max Kellermann reported a NULL pointer dereference flaw in libapreq2, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested "multipart" body is processed.
649abb20d20f62be6dba27057de7c84ad5ccc7c42bdd2436d183fc52cfd6395d