CNNVD-202507-3024 Information
CNNVD ID
CNNVD-202507-3024
Related CVE
- CNNVD Published: 2025-07-23
Description (Chinese)
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.64版本存在安全漏洞,该漏洞源于RewriteCond表达式评估错误,可能导致所有测试结果为真。
Description (English)
Apache HTTP Server is an open-source web server of the Apache Foundation in the United States. The server has a fast, reliable character and can be expanded through a simple API. There is a security loophole in version 2.4.64 of Apache HTTP Server, which stems from a RewriteCond expression assessment error and may result in all test results being genuine.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-07-23
Last Modified
2026-02-24
References
https://www.oracle.com/security-alerts/cpuoct2025.html https://vigilance.fr/vulnerability/Apache-HTTP-Server-ingress-filtrering-bypass-via-RewriteCond-47787
Patch
https://httpd.apache.org/security/vulnerabilities_24.html
Share on: