CLSA-2025-1758035415
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2025-1758035415.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1758035415
- Upstream
- Published
- 2025-09-16T15:10:19Z
- Modified
- 2026-06-01T00:33:16.429295101Z
- Summary
- httpd: Fix of 2 CVEs
- Details
-
- CVE-2024-47252: escape characters are now properly handled in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files
- CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack
- References
Affected packages
TuxCare:CentOS:6 / httpd
Package
- Name
- httpd
- Purl
- pkg:rpm/tuxcare/httpd?distro=centos-6
TuxCare:CentOS:6 / httpd-devel
Package
- Name
- httpd-devel
- Purl
- pkg:rpm/tuxcare/httpd-devel?distro=centos-6
TuxCare:CentOS:6 / httpd-manual
Package
- Name
- httpd-manual
- Purl
- pkg:rpm/tuxcare/httpd-manual?distro=centos-6
TuxCare:CentOS:6 / httpd-tools
Package
- Name
- httpd-tools
- Purl
- pkg:rpm/tuxcare/httpd-tools?distro=centos-6