Lighttpd Web Server Denial Of Service (CVE-2019-11072)

A denial-of-service vulnerability exists in Lighttpd server. This vulnerability is due to improper handling of URL when url-path-2f-decode is enabled. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the target server. Successful exploitation of this vulnerability could result in denial-of-service condition on the target server.

You can read the full article here.