ALSA-2025:23732
- Source
- https://errata.almalinux.org/8/ALSA-2025-23732.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2025:23732.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2025:23732
- Related
- Published
- 2025-12-22T00:00:00Z
- Modified
- 2025-12-24T10:59:49.665680Z
- Summary
- Important: httpd:2.4 security update
- Details
-
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
- httpd: Apache HTTP Server: CGI environment variable override (CVE-2025-65082)
- modmd: Apache HTTP Server: modmd (ACME), unintended retry intervals (CVE-2025-55753)
- httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200)
- httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... (CVE-2025-58098)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://access.redhat.com/errata/RHSA-2025:23732
- https://access.redhat.com/security/cve/CVE-2025-55753
- https://access.redhat.com/security/cve/CVE-2025-58098
- https://access.redhat.com/security/cve/CVE-2025-65082
- https://access.redhat.com/security/cve/CVE-2025-66200
- https://bugzilla.redhat.com/2419139
- https://bugzilla.redhat.com/2419140
- https://bugzilla.redhat.com/2419262
- https://bugzilla.redhat.com/2419365
- https://errata.almalinux.org/8/ALSA-2025-23732.html