exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 20

CVE-2025-49812

5 месяцев назад

In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.

CVSS3: 7.4

EPSS: Низкий

CVE-2025-49812

5 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-49812

5 месяцев назад

CVSS3: 7.4

EPSS: Низкий

CVE-2025-49812

5 месяцев назад

Apache HTTP Server: mod_ssl TLS upgrade attack

CVSS3: 7.4

EPSS: Низкий

CVE-2025-49812

5 месяцев назад

In some mod_ssl configurations on Apache HTTP Server versions through ...

CVSS3: 7.4

EPSS: Низкий

GHSA-2mcx-3xj5-wg86

5 месяцев назад

CVSS3: 7.4

EPSS: Низкий

BDU:2025-08696

8 месяцев назад

Уязвимость функции mod_ssl веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

ELSA-2025-14997

2 месяца назад

ELSA-2025-14997: httpd security update (MODERATE)

EPSS: Низкий

RLSA-2025:15095

3 месяца назад

Moderate: httpd security update

EPSS: Низкий

RLSA-2025:15023

2 месяца назад

Moderate: httpd security update

EPSS: Низкий

ELSA-2025-15095

4 месяца назад

ELSA-2025-15095: httpd security update (MODERATE)

EPSS: Низкий

ELSA-2025-15023

4 месяца назад

ELSA-2025-15023: httpd security update (MODERATE)

EPSS: Низкий

RLSA-2025:15123

3 месяца назад

Moderate: httpd:2.4 security update

EPSS: Низкий

ELSA-2025-15123

4 месяца назад

ELSA-2025-15123: httpd:2.4 security update (MODERATE)

EPSS: Низкий

SUSE-SU-2025:02685-1

5 месяцев назад

Security update for apache2

EPSS: Низкий

SUSE-SU-2025:02684-1

5 месяцев назад

Security update for apache2

EPSS: Низкий

SUSE-SU-2025:02683-1

5 месяцев назад

Security update for apache2

EPSS: Низкий

SUSE-SU-2025:02682-1

5 месяцев назад

Security update for apache2

EPSS: Низкий

SUSE-SU-2025:02565-1

5 месяцев назад

Security update for apache2

EPSS: Низкий

ROS-20250929-15

3 месяца назад

Множественные уязвимости httpd

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-49812 In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.	CVSS3: 7.4	0% Низкий	5 месяцев назад
CVE-2025-49812 In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.	CVSS3: 7.5	0% Низкий	5 месяцев назад
CVE-2025-49812 In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.	CVSS3: 7.4	0% Низкий	5 месяцев назад
CVE-2025-49812 Apache HTTP Server: mod_ssl TLS upgrade attack	CVSS3: 7.4	0% Низкий	5 месяцев назад
CVE-2025-49812 In some mod_ssl configurations on Apache HTTP Server versions through ...	CVSS3: 7.4	0% Низкий	5 месяцев назад
GHSA-2mcx-3xj5-wg86 In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.	CVSS3: 7.4	0% Низкий	5 месяцев назад
BDU:2025-08696 Уязвимость функции mod_ssl веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	0% Низкий	8 месяцев назад
ELSA-2025-14997 ELSA-2025-14997: httpd security update (MODERATE)			2 месяца назад
RLSA-2025:15095 Moderate: httpd security update			3 месяца назад
RLSA-2025:15023 Moderate: httpd security update			2 месяца назад
ELSA-2025-15095 ELSA-2025-15095: httpd security update (MODERATE)			4 месяца назад
ELSA-2025-15023 ELSA-2025-15023: httpd security update (MODERATE)			4 месяца назад
RLSA-2025:15123 Moderate: httpd:2.4 security update			3 месяца назад
ELSA-2025-15123 ELSA-2025-15123: httpd:2.4 security update (MODERATE)			4 месяца назад
SUSE-SU-2025:02685-1 Security update for apache2			5 месяцев назад
SUSE-SU-2025:02684-1 Security update for apache2			5 месяцев назад
SUSE-SU-2025:02683-1 Security update for apache2			5 месяцев назад
SUSE-SU-2025:02682-1 Security update for apache2			5 месяцев назад
SUSE-SU-2025:02565-1 Security update for apache2			5 месяцев назад
ROS-20250929-15 Множественные уязвимости httpd	CVSS3: 7.5		3 месяца назад

Уязвимостей на страницу