csaf_certbund - wid-sec-w-2025-1529

wid-sec-w-2025-1529

Vulnerability from csaf_certbund

Published

2025-07-10 22:00

Modified

2025-08-14 22:00

Summary

Apache HTTP Server: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Apache ist ein Webserver für verschiedene Plattformen.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuführen, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache ist ein Webserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, um Informationen offenzulegen, und um Dateien zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1529 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1529.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1529 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1529"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/20"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/21"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/22"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/23"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/24"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/25"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/26"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/27"
      },
      {
        "category": "external",
        "summary": "Mailing List OSS Security vom 2025-07-10",
        "url": "https://seclists.org/oss-sec/2025/q3/28"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-6D7A183951 vom 2025-07-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-6d7a183951"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-B486FFD351 vom 2025-07-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-b486ffd351"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7639-1 vom 2025-07-16",
        "url": "https://ubuntu.com/security/notices/USN-7639-1"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7239846 vom 2025-07-16",
        "url": "https://www.ibm.com/support/pages/node/7239846"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15360-1 vom 2025-07-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CB2NNDXYFXVKF6KTKFMA2AHUNHAGDAFJ/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15369-1 vom 2025-07-22",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UTC3TDRL5IF6YTXDS2ENK5OJDZNHZ2XL/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02565-1 vom 2025-07-31",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021991.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2958 vom 2025-08-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2958.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02685-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022063.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02683-1 vom 2025-08-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022065.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02682-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KSS462UFYDADIPPKUL3TXXRQPB3QSMVB/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02684-1 vom 2025-08-04",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HJTVNIIT7LUYXSMCL3VWS2K232WNZNZG/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7241583 vom 2025-08-06",
        "url": "https://www.ibm.com/support/pages/node/7241583"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K000152924 vom 2025-08-08",
        "url": "https://my.f5.com/manage/s/article/K000152924"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7241939 vom 2025-08-11",
        "url": "https://www.ibm.com/support/pages/node/7241939"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4270 vom 2025-08-12",
        "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00009.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13681 vom 2025-08-14",
        "url": "https://access.redhat.com/errata/RHSA-2025:13681"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13680 vom 2025-08-14",
        "url": "https://access.redhat.com/errata/RHSA-2025:13680"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache HTTP Server: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-14T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-15T07:22:18.291+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2025-1529",
      "initial_release_date": "2025-07-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-07-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-07-13T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2025-07-16T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Ubuntu und IBM aufgenommen"
        },
        {
          "date": "2025-07-21T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-07-22T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-07-30T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-04T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-08-06T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-08-10T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von F5 aufgenommen"
        },
        {
          "date": "2025-08-11T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-08-12T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-08-14T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "12"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.4.64",
                "product": {
                  "name": "Apache HTTP Server \u003c2.4.64",
                  "product_id": "T045319"
                }
              },
              {
                "category": "product_version",
                "name": "2.4.64",
                "product": {
                  "name": "Apache HTTP Server 2.4.64",
                  "product_id": "T045319-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:http_server:2.4.64"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HTTP Server"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "15.1.0-15.1.10",
                "product": {
                  "name": "F5 BIG-IP 15.1.0-15.1.10",
                  "product_id": "T034902",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip:15.1.0_-_15.1.10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "17.1.0-17.1.2",
                "product": {
                  "name": "F5 BIG-IP 17.1.0-17.1.2",
                  "product_id": "T040213",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip:17.1.0_-_17.1.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "16.1.0-16.1.6",
                "product": {
                  "name": "F5 BIG-IP 16.1.0-16.1.6",
                  "product_id": "T044168",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip:16.1.0_-_16.1.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "17.5.0-17.5.1",
                "product": {
                  "name": "F5 BIG-IP 17.5.0-17.5.1",
                  "product_id": "T045956",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip:17.5.0_-_17.5.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BIG-IP"
          }
        ],
        "category": "vendor",
        "name": "F5"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM Business Automation Workflow",
            "product": {
              "name": "IBM Business Automation Workflow",
              "product_id": "T019704",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:business_automation_workflow:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.0.5.25",
                "product": {
                  "name": "IBM HTTP Server \u003c9.0.5.25",
                  "product_id": "T045476"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.5.25",
                "product": {
                  "name": "IBM HTTP Server 9.0.5.25",
                  "product_id": "T045476-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:http_server:9.0.5.25"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.5.5.29",
                "product": {
                  "name": "IBM HTTP Server \u003c8.5.5.29",
                  "product_id": "T045477"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.5.29",
                "product": {
                  "name": "IBM HTTP Server 8.5.5.29",
                  "product_id": "T045477-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:http_server:8.5.5.29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HTTP Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.1-9.1.0.8",
                "product": {
                  "name": "IBM Rational ClearQuest 9.1-9.1.0.8",
                  "product_id": "T045976",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_clearquest:9.1_-_9.1.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.0-10.0.7",
                "product": {
                  "name": "IBM Rational ClearQuest 10.0-10.0.7",
                  "product_id": "T045977",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_clearquest:10.0_-_10.0.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Rational ClearQuest"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Core Services",
                "product": {
                  "name": "Red Hat JBoss Core Services",
                  "product_id": "T012412",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_core_services:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "1",
                "product": {
                  "name": "Red Hat JBoss Core Services 1",
                  "product_id": "T046258",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_core_services:1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "JBoss Core Services"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-38709",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2023-38709"
    },
    {
      "cve": "CVE-2024-42516",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2024-42516"
    },
    {
      "cve": "CVE-2024-43204",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2024-43204"
    },
    {
      "cve": "CVE-2024-43394",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2024-43394"
    },
    {
      "cve": "CVE-2024-47252",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2024-47252"
    },
    {
      "cve": "CVE-2025-23048",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2025-23048"
    },
    {
      "cve": "CVE-2025-49630",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2025-49630"
    },
    {
      "cve": "CVE-2025-49812",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2025-49812"
    },
    {
      "cve": "CVE-2025-53020",
      "product_status": {
        "known_affected": [
          "T034902",
          "T012412",
          "74185",
          "T045976",
          "2951",
          "T002207",
          "T045956",
          "T045977",
          "T000126",
          "T019704",
          "T045319",
          "T027843",
          "398363",
          "T040213",
          "T046258",
          "T044168",
          "T045477",
          "T045476"
        ]
      },
      "release_date": "2025-07-10T22:00:00.000+00:00",
      "title": "CVE-2025-53020"
    }
  ]
}

CVE-2025-23048 (GCVE-0-2025-23048)

Vulnerability from cvelistv5

Published

2025-07-10 16:56

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-284 - Improper Access Control

Summary

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.35 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-23048",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:06:16.003018Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:26.553Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.35",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sven Hebrok, Felix Cramer, Tim Storm, Maximilian Radoy, and Juraj Somorovsky at Paderborn University"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption.\u003cbr\u003e\u003cbr\u003eConfigurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption.\n\nConfigurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:56:53.545Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-25T15:01:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: mod_ssl access control bypass with session resumption",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-23048",
    "datePublished": "2025-07-10T16:56:53.545Z",
    "dateReserved": "2025-01-10T15:11:45.480Z",
    "dateUpdated": "2025-07-15T19:56:26.553Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-47252 (GCVE-0-2024-47252)

Vulnerability from cvelistv5

Published

2025-07-10 16:55

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences

Summary

Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%{varname}x" or "%{varname}c" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-47252",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:06:33.872531Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:38.784Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "John Runyon"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations.\u003cbr\u003e\u003cbr\u003eIn a logging configuration where CustomLog is used with \"%{varname}x\" or \"%{varname}c\" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations.\n\nIn a logging configuration where CustomLog is used with \"%{varname}x\" or \"%{varname}c\" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-150",
              "description": "CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:55:20.013Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-18T15:26:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: mod_ssl error log variable escaping",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-47252",
    "datePublished": "2025-07-10T16:55:20.013Z",
    "dateReserved": "2024-09-23T15:25:33.808Z",
    "dateUpdated": "2025-07-15T19:56:38.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-38709 (GCVE-0-2023-38709)

Vulnerability from cvelistv5

Published

2024-04-04 19:19

Modified

2025-02-13 17:02

Severity ?

CWE

HTTP response splitting

Summary

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

References

►

URL

Tags

	https://httpd.apache.org/security/vulnerabilities_24.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20240415-0013/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/
	http://www.openwall.com/lists/oss-security/2024/04/04/3
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/
	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/
	https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html
	https://support.apple.com/kb/HT214119
	http://seclists.org/fulldisclosure/2024/Jul/18

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 0 ≤ 2.4.58

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "http_server",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "2.4.58",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 7.3,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-38709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T13:57:02.091077Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1284",
                "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T19:38:10.128Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240415-0013/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/04/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214119"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.58",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Orange Tsai (@orange_8361) from DEVCORE"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\u003cbr\u003e\u003cbr\u003eThis issue affects Apache HTTP Server: through 2.4.58.\u003cbr\u003e"
            }
          ],
          "value": "Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "HTTP response splitting",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-29T22:06:19.848Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240415-0013/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/04/04/3"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
        },
        {
          "url": "https://support.apple.com/kb/HT214119"
        },
        {
          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-06-26T00:00:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: HTTP response splitting",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-38709",
    "datePublished": "2024-04-04T19:19:35.467Z",
    "dateReserved": "2023-07-24T17:51:18.042Z",
    "dateUpdated": "2025-02-13T17:02:32.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-43394 (GCVE-0-2024-43394)

Vulnerability from cvelistv5

Published

2025-07-10 16:56

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. The server offers limited protection against administrators directing the server to open UNC paths. Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.0 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-43394",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:06:25.292340Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:32.755Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kainan Zhang (@4xpl0r3r) from Fortinet"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eServer-Side Request Forgery (SSRF)\u0026nbsp;in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via\u0026nbsp;\u003cbr\u003emod_rewrite or apache expressions that pass unvalidated request input.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.\u003c/p\u003eNote: \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. \u003cbr\u003e\u003cbr\u003eThe server offers limited protection against administrators directing the server to open UNC paths.\u003cbr\u003e\u003c/span\u003eWindows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.\u003cbr\u003e"
            }
          ],
          "value": "Server-Side Request Forgery (SSRF)\u00a0in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via\u00a0\nmod_rewrite or apache expressions that pass unvalidated request input.\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.\n\nNote: \u00a0The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. \n\nThe server offers limited protection against administrators directing the server to open UNC paths.\nWindows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:56:07.720Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-10T00:00:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: SSRF on Windows due to UNC paths",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-43394",
    "datePublished": "2025-07-10T16:56:07.720Z",
    "dateReserved": "2024-08-12T14:02:35.969Z",
    "dateUpdated": "2025-07-15T19:56:32.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49812 (GCVE-0-2025-49812)

Vulnerability from cvelistv5

Published

2025-07-10 16:58

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-287 - Improper Authentication

Summary

In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 0 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.4,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-49812",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:05:54.218961Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:14.709Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Robert Merget (Technology Innovation Institute)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Nurullah Erinola (Ruhr University Bochum)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Marcel Maehren (Ruhr University Bochum)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Lukas Knittel (Ruhr University Bochum)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Sven Hebrok (Paderborn University)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Marcus Brinkmann (Ruhr University Bochum)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Juraj Somorovsky (Paderborn University)"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "J\u00f6rg Schwenk (Ruhr University Bochum)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.\u003cbr\u003e\u003cbr\u003eOnly configurations using \"SSLEngine optional\" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade."
            }
          ],
          "value": "In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.\n\nOnly configurations using \"SSLEngine optional\" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:58:23.943Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-22T07:26:00.000Z",
          "value": "Report received"
        },
        {
          "lang": "en",
          "time": "2025-07-07T00:00:00.000Z",
          "value": "2.4.x revision 1927045"
        }
      ],
      "title": "Apache HTTP Server: mod_ssl TLS upgrade attack",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-49812",
    "datePublished": "2025-07-10T16:58:23.943Z",
    "dateReserved": "2025-06-11T09:36:54.723Z",
    "dateUpdated": "2025-07-15T19:56:14.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-43204 (GCVE-0-2024-43204)

Vulnerability from cvelistv5

Published

2025-07-10 16:54

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request. Users are recommended to upgrade to version 2.4.64 which fixes this issue.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.0 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-43204",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:06:58.631485Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:45.283Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.\u0026nbsp; Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.64 which fixes this issue."
            }
          ],
          "value": "SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.\u00a0 Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request.\n\nUsers are recommended to upgrade to version 2.4.64 which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:54:15.759Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-07T09:00:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: SSRF with mod_headers setting Content-Type header",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-43204",
    "datePublished": "2025-07-10T16:54:15.759Z",
    "dateReserved": "2024-08-08T15:13:29.047Z",
    "dateUpdated": "2025-07-15T19:56:45.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49630 (GCVE-0-2025-49630)

Vulnerability from cvelistv5

Published

2025-07-10 16:57

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-617 - Reachable Assertion

Summary

In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2. Configurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to "on".

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.26 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-49630",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:06:07.523613Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:20.614Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.26",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Anthony CORSIEZ"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In certain proxy configurations, a denial of service attack against\u0026nbsp;Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2.\u003cbr\u003e\u003cbr\u003eConfigurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to \"on\".\u003cbr\u003e"
            }
          ],
          "value": "In certain proxy configurations, a denial of service attack against\u00a0Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2.\n\nConfigurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to \"on\"."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:57:40.117Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-04T14:20:00.000Z",
          "value": "Report received"
        }
      ],
      "title": "Apache HTTP Server: mod_proxy_http2 denial of service",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-49630",
    "datePublished": "2025-07-10T16:57:40.117Z",
    "dateReserved": "2025-06-08T19:44:51.747Z",
    "dateUpdated": "2025-07-15T19:56:20.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-53020 (GCVE-0-2025-53020)

Vulnerability from cvelistv5

Published

2025-07-10 16:59

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-401 - Missing Release of Memory after Effective Lifetime

Summary

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.17 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-53020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:05:41.419033Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:07.763Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.17",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Gal Bar Nahum"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eLate Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\u003c/p\u003e\u003cp\u003eThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 2.4.64, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:59:06.340Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-18T09:19:00.000Z",
          "value": "reported"
        },
        {
          "lang": "en",
          "time": "2025-06-19T09:20:00.000Z",
          "value": "fix developed"
        },
        {
          "lang": "en",
          "time": "2025-07-07T00:00:00.000Z",
          "value": "2.4.x revision 1927046"
        }
      ],
      "title": "Apache HTTP Server: HTTP/2 DoS by Memory Increase",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-53020",
    "datePublished": "2025-07-10T16:59:06.340Z",
    "dateReserved": "2025-06-24T07:13:19.552Z",
    "dateUpdated": "2025-07-15T19:56:07.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-42516 (GCVE-0-2024-42516)

Vulnerability from cvelistv5

Published

2025-07-10 16:53

Modified

2025-07-15 19:56

Severity ?

CWE

CWE-20 - Improper Input Validation

Summary

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue. Users are recommended to upgrade to version 2.4.64, which fixes this issue.

References

►

URL

Tags

https://httpd.apache.org/security/vulnerabilities_24.html

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache HTTP Server	Version: 2.4.0 ≤ 2.4.63

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-42516",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T16:07:07.391732Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:56:51.797Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache HTTP Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.4.63",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\u003cbr\u003e\u003cbr\u003eThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 2.4.64, which fixes this issue."
            }
          ],
          "value": "HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\n\nThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T16:53:13.201Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://httpd.apache.org/security/vulnerabilities_24.html"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-18T12:00:00.000Z",
          "value": "reported"
        }
      ],
      "title": "Apache HTTP Server: HTTP response splitting",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-42516",
    "datePublished": "2025-07-10T16:53:13.201Z",
    "dateReserved": "2024-08-03T18:37:28.141Z",
    "dateUpdated": "2025-07-15T19:56:51.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2025-1529

Vulnerability from csaf_certbund

CVE-2025-23048 (GCVE-0-2025-23048)

Vulnerability from cvelistv5

CVE-2024-47252 (GCVE-0-2024-47252)

Vulnerability from cvelistv5

CVE-2023-38709 (GCVE-0-2023-38709)

Vulnerability from cvelistv5

CVE-2024-43394 (GCVE-0-2024-43394)

Vulnerability from cvelistv5

CVE-2025-49812 (GCVE-0-2025-49812)

Vulnerability from cvelistv5

CVE-2024-43204 (GCVE-0-2024-43204)

Vulnerability from cvelistv5

CVE-2025-49630 (GCVE-0-2025-49630)

Vulnerability from cvelistv5

CVE-2025-53020 (GCVE-0-2025-53020)

Vulnerability from cvelistv5

CVE-2024-42516 (GCVE-0-2024-42516)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature