Medium: httpd

🗓️ 04 Sep 2025 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 17 Views

Apache httpd 2.4.64 bug makes RewriteCond tests true; upgrade to 2.4.65 (CVE-2025-54090) via yum.

Reporter	Title	Published	Views	Family All 62
IBM Security Bulletins	Security Bulletin: A vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest (CVE-2025-54090)	11 Aug 202513:11	–	ibm
IBM Security Bulletins	Security Bulletin:IBM HTTP Server shipped with IBM OpenPages is vulnerable to multiple vulnerabilities	21 Oct 202518:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server is affected by a security bypass vulnerability due to the included Apache HTTP Server (CVE-2025-54090)	7 Aug 202518:51	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM DevOps Code ClearCase [CVE-2024-43204, CVE-2024-43394, CVE-2024-42516 , CVE-2025-54090]	18 Aug 202511:28	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerability in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow (CVE-2025-54090)	9 Aug 202512:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM HTTP Server, which is bundled with WebSphere Remote Server, is affected by a security bypass vulnerability (CVE-2025-54090)	14 Aug 202515:13	–	ibm
Tenable Nessus	Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2025-1183)	15 Sep 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : httpd, --advisory ALAS2-2025-2982 (ALAS-2025-2982)	4 Sep 202500:00	–	nessus
Tenable Nessus	Apache 2.4.x < 2.4.65	23 Jul 202500:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: httpd (CVE-2025-54090)	8 Aug 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	aarch64	httpd	2.4.65-1.amzn2.0.2	httpd-2.4.65-1.amzn2.0.2.aarch64.rpm
Amazon Linux	2	i686	httpd	2.4.65-1.amzn2.0.2	httpd-2.4.65-1.amzn2.0.2.i686.rpm
Amazon Linux	2	x86_64	httpd	2.4.65-1.amzn2.0.2	httpd-2.4.65-1.amzn2.0.2.x86_64.rpm
Amazon Linux	2	aarch64	httpd-debuginfo	2.4.65-1.amzn2.0.2	httpd-debuginfo-2.4.65-1.amzn2.0.2.aarch64.rpm
Amazon Linux	2	i686	httpd-debuginfo	2.4.65-1.amzn2.0.2	httpd-debuginfo-2.4.65-1.amzn2.0.2.i686.rpm
Amazon Linux	2	x86_64	httpd-debuginfo	2.4.65-1.amzn2.0.2	httpd-debuginfo-2.4.65-1.amzn2.0.2.x86_64.rpm
Amazon Linux	2	aarch64	httpd-devel	2.4.65-1.amzn2.0.2	httpd-devel-2.4.65-1.amzn2.0.2.aarch64.rpm
Amazon Linux	2	i686	httpd-devel	2.4.65-1.amzn2.0.2	httpd-devel-2.4.65-1.amzn2.0.2.i686.rpm
Amazon Linux	2	x86_64	httpd-devel	2.4.65-1.amzn2.0.2	httpd-devel-2.4.65-1.amzn2.0.2.x86_64.rpm
Amazon Linux	2	any	httpd-filesystem	2.4.65-1.amzn2.0.2	httpd-filesystem-2.4.65-1.amzn2.0.2.noarch.rpm

04 Sep 2025 00:00Current

7High risk

Vulners AI Score7

CVSS 3.16.3

EPSS0.00924

SSVC

apache httpd rewrite condition bug upgrade to 2.4.65 amazon linux