http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header.
https://www.exploit-db.com/exploits/4046
https://exchange.xforce.ibmcloud.com/vulnerabilities/34774