mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated thi...

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

RHEL 9 : mod_md (RHSA-2026:0029)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:0029 advisory. This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate...

PT-2026-1145

CVE-2025-22181 - Here is the title: Apache HTTP Server Cross-Site Scripting Vulnerability CVE ID : CVE-2025-22181 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not...

RLSA-2025:23738 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

PT-2025-53409

CVE-2025-13074 - Apache Server Header Information Disclosure CVE ID : CVE-2025-13074 Published : Dec. 23, 2025, 6:15 p.m. | 43 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in...

📄 Apache mod_ssl TLS 1.3 Client Certificate Authentication Bypass

Apache modssl TLS 1.3 client certificate authentication bypass proof of concept exploit. ============================================================================================================================================= | Title : Apache modssl TLS 1.3 Client Certificate Authentication...

AlmaLinux 10 : mod_md (ALSA-2025:23738)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23738 advisory. modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 Tenable has extracted the preceding description block directly from the AlmaLinu...

httpd: Apache HTTP Server: CGI environment variable override

A configuration override flaw has been discovered in the apache HTTP server. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server...

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.2.0 Vulnerability Details CVEID:CVE-2025-36154 DESCRIPTION: IBM Concert Software stores sensitive information in cleartext during recursive docker builds which could be obtained by a local user. CWE:CWE-313: Clearte...

httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

A permissions bypass flaw has been discovered in the apache HTTP server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid...

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

RHEL 9 : httpd (RHSA-2025:23919)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23919 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

ALSA-2025:23739 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

ALSA-2025:23738 Important: mod_md security update

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fixes: modmd:...

mod_md security update

1:2.4.26-1.1 - Resolves: RHEL-134496 - httpd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753...

EulerOS Virtualization 2.13.0 : httpd (EulerOS-SA-2025-2578)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...