Количество 33
Количество 33
RLSA-2025:23932
Important: httpd security update
RLSA-2025:23919
Important: httpd security update
ELSA-2025-23932
ELSA-2025-23932: httpd security update (IMPORTANT)
ELSA-2025-23919
ELSA-2025-23919: httpd security update (IMPORTANT)
openSUSE-SU-2026:20030-1
Security update for apache2
SUSE-SU-2026:0020-1
Security update for apache2
SUSE-SU-2026:0019-1
Security update for apache2
SUSE-SU-2025:4518-1
Security update for apache2
SUSE-SU-2025:4488-1
Security update for apache2
RLSA-2025:23732
Important: httpd:2.4 security update
ELSA-2025-23732
ELSA-2025-23732: httpd:2.4 security update (IMPORTANT)
CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
CVE-2025-58098
Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
CVE-2025-58098
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) ...
GHSA-4m29-g52g-c6qc
Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
ELSA-2026-0075
ELSA-2026-0075: httpd security update (IMPORTANT)
BDU:2025-15635
Уязвимость модуля mod_cgid веб-сервера Apache HTTP Server, позволяющая нарушителю выполнить произвольный код
ROS-20260122-73-0025
Уязвимость httpd
CVE-2025-66200
mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2025:23932 Important: httpd security update | около 1 месяца назад | ||
| RLSA-2025:23919 Important: httpd security update | около 1 месяца назад | ||
| ELSA-2025-23932 ELSA-2025-23932: httpd security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2025-23919 ELSA-2025-23919: httpd security update (IMPORTANT) | около 2 месяцев назад | ||
 | openSUSE-SU-2026:20030-1 Security update for apache2 | 22 дня назад | ||
| SUSE-SU-2026:0020-1 Security update for apache2 | около 1 месяца назад | ||
| SUSE-SU-2026:0019-1 Security update for apache2 | около 1 месяца назад | ||
| SUSE-SU-2025:4518-1 Security update for apache2 | около 1 месяца назад | ||
| SUSE-SU-2025:4488-1 Security update for apache2 | около 2 месяцев назад | ||
| RLSA-2025:23732 Important: httpd:2.4 security update | около 2 месяцев назад | ||
| ELSA-2025-23732 ELSA-2025-23732: httpd:2.4 security update (IMPORTANT) | около 1 месяца назад | ||
 | CVE-2025-58098 Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue. | CVSS3: 8.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-58098 Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue. | CVSS3: 8.3 | 0% Низкий | 2 месяца назад |
 | CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... | CVSS3: 8.3 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-58098 Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) ... | CVSS3: 8.3 | 0% Низкий | 2 месяца назад |
| GHSA-4m29-g52g-c6qc Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue. | CVSS3: 8.3 | 0% Низкий | 2 месяца назад |
| ELSA-2026-0075 ELSA-2026-0075: httpd security update (IMPORTANT) | 28 дней назад | ||
 | BDU:2025-15635 Уязвимость модуля mod_cgid веб-сервера Apache HTTP Server, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.3 | 0% Низкий | 6 месяцев назад |
 | ROS-20260122-73-0025 Уязвимость httpd | CVSS3: 8.3 | 0% Низкий | 15 дней назад |
| CVE-2025-66200 mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are recommended to upgrade to version 2.4.66, which fixes the issue. | CVSS3: 5.4 | 0% Низкий | 2 месяца назад |
Уязвимостей на страницу