Jump to:

CVE-2025-54090

Jump to:

CVE-2025-54090

Package apache2 updated to version 2.4.65-alt1 for branch p10 in task 391343.

Published: 2025-07-23
Modified: 2025-08-14

CVE-2025-54090

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

Severity: MEDIUM (6.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

References:

https://httpd.apache.org/security/vulnerabilities_24.html
https://news.ycombinator.com/item?id=44666896

Version: 2.1.2

Package apache2 update in p10 on 2025-08-06

ALT-PU-2025-9920-2

Closed vulnerabilities

CVE-2025-54090