Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.CreditsBartlomiej Dmitruk, striga.aiStanislaw Strzalkowski, isec.plReferenceshttpd.apache.org/security/vulnerabilities_24.html
