PT-2025-29303 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The Apache HTTP Server is susceptible to an authentication bypass. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

PT-2025-29300 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The Apache HTTP Server contains an issue due to unvalidated user input. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

SUSE CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

Apache 2.4.x < 2.4.64 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.64. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.64 advisory. - In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can ...

PT-2025-29201

Name of the Vulnerable Software and Affected Versions Apache HTTP Server affected versions not specified Description The communication protocol used between the client and server has a flaw that could be leveraged to execute a man-in-the-middle attack. Recommendations At the moment, there is no...

PT-2025-29205 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The reported issue has been rejected as not being used. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

PT-2025-29204 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The Apache HTTP Server is susceptible to a Cross-Site Request Forgery CSRF issue. Recommendations: At the moment, there is no information about a newer version that contains a fi...

Apache HTTP Server 2.4.26 < 2.4.64 DoS Vulnerability - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability in modproxyhttp2. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 2.4.35 < 2.4.64 Access Control Bypass Vulnerability - Windows

Apache HTTP Server is prone to an access control bypass vulnerability in modssl. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 2.4.17 < 2.4.64 DoS Vulnerability - Windows

Apache HTTP Server is prone to a denial of service DoS vulnerability via HTTP/2. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server < 2.4.64 Multiple Vulnerabilities - Linux

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

Apache HTTP Server 2.4.17 < 2.4.64 DoS Vulnerability - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability via HTTP/2. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 2.4.26 < 2.4.64 DoS Vulnerability - Windows

Apache HTTP Server is prone to a denial of service DoS vulnerability in modproxyhttp2. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server < 2.4.64 Multiple Vulnerabilities - Windows

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

Apache HTTP Server 2.4.35 < 2.4.64 Access Control Bypass Vulnerability - Linux

Apache HTTP Server is prone to an access control bypass vulnerability in modssl. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2025-29208 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The reported issue has been rejected as not used. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

UBUNTU-CVE-2024-43394

Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server...

SUSE CVE-2024-43394

Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server...

CVE-2025-34096

CVE-2025-34096 affects Easy File Sharing HTTP Server 7.2. A stack-based buffer overflow occurs in the /sendemail.ghp endpoint when an overly long Email parameter is posted, causing memory corruption and allowing unauthenticated remote code execution with server process privileges. Documentation d...

CVE-2025-53020

A memory exhaustion flaw has been discovered in the Apache HTTP server. In some instances, the Apache HTTP server fails to free memory. Given sufficient time, this may lead to the host operating system killing the web server in order to reclaim memory. Mitigation Mitigation for this issue is eith...