Threats Tagged 'cve-2025-55753'

This advisory addresses two security vulnerabilities in the Apache HTTP Server (httpd) 2.4 packages provided by Red Hat. The first vulnerability (CVE-2025-55753) involves unintended retry intervals in the mod_md (ACME) module. The second vulnerability (CVE-2025-58098) concerns Server Side Includes (SSI) adding query strings to the #exec cmd directive. Red Hat has issued an important security update for Red Hat Enterprise Linux 8.2 to address these issues. The advisory does not provide a CVSS score but rates the impact as important.

This advisory addresses two security vulnerabilities in the Apache HTTP Server (httpd) version 2.4 packages provided by Red Hat. The first vulnerability (CVE-2025-55753) involves unintended retry intervals in the mod_md (ACME) module. The second vulnerability (CVE-2025-58098) concerns Server Side Includes (SSI) adding query strings to the #exec cmd= directive. Red Hat has released security updates for Red Hat Enterprise Linux 8.4 to fix these issues. The update is rated as having an Important security impact by Red Hat. No CVSS scores are provided in the advisory. The vulnerabilities relate to CWE-190 (Integer Overflow or Wraparound) and CWE-201 (Information Exposure).

Red Hat has issued a security advisory for the Apache HTTP Server (httpd) version 2.4 packages addressing two vulnerabilities: CVE-2025-55753 affecting the mod_md module with unintended retry intervals, and CVE-2025-58098 involving Server Side Includes adding query strings to #exec commands. These issues have been rated with an Important security impact by Red Hat. Updates are available for Red Hat Enterprise Linux 8.6 variants to remediate these vulnerabilities.

Red Hat issued a security advisory for the Apache HTTP Server (httpd) 2.4 packages addressing two vulnerabilities: CVE-2025-55753 in mod_md related to unintended retry intervals, and CVE-2025-58098 in Server Side Includes where query strings are added to #exec cmd= commands. The update is rated as Important by Red Hat Product Security and affects Red Hat Enterprise Linux 8.8 variants. The advisory provides updated packages to fix these issues.

This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal. Security Fix(es): * mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals (CVE-2025-55753) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.