PT-2025-34335 · Undefined · Undefined

CVE-2025-57744 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57744 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-33835 · Undefined · Undefined

CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution CVE ID : CVE-2025-57723 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, an...

PT-2025-33830 · Undefined · Undefined

CVE-2025-57718 - Apache HTTP Server SSRF CVE ID : CVE-2025-57718 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-34271 · Undefined · Undefined

CVE-2025-55153 - Apache HTTP Server XML Entity Injection CVE ID : CVE-2025-55153 Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 59 minutes ago Description : Rejected reason: This CVE is a duplicate of another CVE. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP1 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

httpd: mod_proxy_http2: untrusted input from a client causes an assertion to fail in the Apache mod_proxy_http2 module

An assertion failure flaw was found in Apache httpd. Untrusted clients can send inputs that trigger an assertion failure in the modproxyhttp2 module, which likely results in an Apache HTTP server crash or denial of service DoS...

USN-6885-6 apache2 regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

Security Bulletin: IBM HTTP Server is affected by multiple vulnerabilities due to the included Apache HTTP Server

Summary There are multiple vulnerabilities in Apache HTTP Server which affect the IBM HTTP Server used by IBM WebSphere Application Server. Vulnerability Details CVEID:CVE-2024-43204 DESCRIPTION: SSRF in Apache HTTP Server with modproxy loaded allows an attacker to send outbound proxy requests to...

K000152922: Apache HTTP server vulnerability CVE-2025-49630

Security Advisory Description In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in modproxyhttp2. Configurations affected are a reverse proxy is configured for an HTTP...

Security Bulletin: IBM HTTP Server is affected by a security bypass vulnerability due to the included Apache HTTP Server (CVE-2025-54090)

Summary IBM HTTP Server used by IBM WebSphere Application Server is affected by a security bypass vulnerability due to the included Apache HTTP Server. This affects IBM HTTP Server with IFPH67153 installed. Vulnerability Details CVEID:CVE-2025-54090 DESCRIPTION: A bug in Apache HTTP Server 2.4.64...

Linux Distros Unpatched Vulnerability : CVE-2024-43394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache...

Linux Distros Unpatched Vulnerability : CVE-2024-40725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. AddType a...

Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64

...

PT-2025-32356 · Undefined · Undefined

CVE-2025-55026 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-55026 Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Linux Distros Unpatched Vulnerability : CVE-2019-10098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and...

PT-2025-32357 · Undefined · Undefined

CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-55027 Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

ROS-20250806-02

A vulnerability in the modauthopenidc module of the Apache HTTP Server HTTPD web server is related to insufficient user data validation when OIDCPreservePost is enabled in modauthopenidc. Exploitation The vulnerability could allow an attacker acting remotely to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2022-36760

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests ...

PT-2025-32350 · Undefined · Undefined

CVE-2025-55024 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2025-55024 Published : Aug. 6, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

PT-2025-32256 · Undefined · Undefined

CVE-2025-54979 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-54979 Published : Aug. 5, 2025, 4:16 a.m. | 2 hours, 19 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...