AZL-65109 CVE-2025-53020 affecting package httpd for versions less than 2.4.64-1

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

AZL-6485 CVE-2021-36160 affecting package httpd for versions less than 2.4.52-1

A carefully crafted request uri-path can cause modproxyuwsgi to read above the allocated memory and crash DoS. This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 inclusive...

AZL-6482 CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In modauthopenidc before version 2.4.9, there is an XSS vulnerability in when using OIDCPreservePost ...