CVE-2025-54090

Опубликовано: 23 июл. 2025

Источник: nvd

CVSS3: 6.3

EPSS Низкий

Описание

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

Users are recommended to upgrade to version 2.4.65, which fixes the issue.

Ссылки

https://httpd.apache.org/security/vulnerabilities_24.html
Release Notes
https://news.ycombinator.com/item?id=44666896
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:http_server:2.4.64:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00099

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-253

Связанные уязвимости

CVE-2025-54090

CVSS3: 6.3

ubuntu

3 месяца назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

CVE-2025-54090

CVSS3: 4.8

redhat

3 месяца назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

CVE-2025-54090

CVSS3: 6.3

msrc

2 месяца назад

Описание отсутствует

CVE-2025-54090

CVSS3: 6.3

debian

3 месяца назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr .. ...

GHSA-cjqj-vhhm-xq5x

CVSS3: 6.3

github

3 месяца назад

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue.

EPSS

Процентиль: 28%

0.00099

Низкий

6.3 Medium

CVSS3

Дефекты

CWE-253