The host is installed with Apache HTTP Server 2.4.18 through 2.4.39 and is prone to a read-after-free vulnerability. A flaw is present in the application, which fails to properly handle an issue in mod_http2. Successful exploitation could allow attackers to read memory after being freed during connection shutdown using fuzzed network input.