The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program.
Credits
Tomer Goldschmidt of Claroty Research - Team82 reported this vulnerability to CISA.
