CVE-2025-54090

Опубликовано: 23 июл. 2025

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

Users are recommended to upgrade to version 2.4.65, which fixes the issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:http_server:2.4.64:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00223

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-253

Связанные уязвимости

CVE-2025-54090

CVSS3: 6.3

ubuntu

6 месяцев назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

CVE-2025-54090

CVSS3: 4.8

redhat

6 месяцев назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

CVE-2025-54090

CVSS3: 6.3

msrc

5 месяцев назад

Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64

CVE-2025-54090

CVSS3: 6.3

debian

6 месяцев назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr .. ...

GHSA-cjqj-vhhm-xq5x

CVSS3: 6.3

github

6 месяцев назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

EPSS

Процентиль: 45%

0.00223

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-253