230 matches found
Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
AlmaLinux 8 : httpd:2.4 (ALSA-2025:23732)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...
RHEL 8 : httpd:2.4 (RHSA-2025:23732)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23732 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...
RHEL 9 : httpd (RHSA-2025:23919)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23919 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...
Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...
ALSA-2025:23932 Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
RockyLinux 8 : httpd:2.4 (RLSA-2025:23732)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23732 advisory. httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals...
ALSA-2025:23919 Important: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 httpd: Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo CVE-2025-66200 httpd:...
ALSA-2025:23732 Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP Server: CGI environment variable override CVE-2025-65082 modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 httpd: Apache HTTP...
SUSE SLES12: apache2 / apache2-devel / apache2-doc / apache2-example-pages / etc (SUSE-SU-2025:4488-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4488-1 advisory. - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 -...
Security update for apache2
This update for apache2 fixes the following issues: CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 CVE-2025-65082: Fixed CGI environment variable override bsc1254514 CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 CVE-2025-66200:...
SUSE-SU-2025:4488-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME unintended retry intervals bsc1254511 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-58098: Fixed Server Side Includes adding query string to exec cmd=... bsc1254512 -...
Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
...
BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
Updated apache packages fix security vulnerabilities
Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...
SUSE CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
EUVD-2025-201408
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
AZL-71867 CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...