CNNVD-202512-688 Information
CNNVD ID
CNNVD-202512-688
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.0版本至2.4.65版本存在安全漏洞,该漏洞源于环境变量中和不当,可能导致CGI程序变量被意外覆盖。
Description (English)
Apache HTTP Server is an open-source web server of the Apache Foundation in the United States. The server has a fast, reliable character and can be expanded through a simple API. There is a security loophole between Apache HTTP Server versions 2.4.0 and 2.4.65, which stems from the misalignment of environmental variables and may lead to unexpected coverage of CGI program variables.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-12-05
Last Modified
2026-02-24
References
http://www.openwall.com/lists/oss-security/2025/12/04/7 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-65082 https://www.oracle.com/security-alerts/cpujan2026.html https://vigilance.fr/vulnerability/Apache-
Patch
https://httpd.apache.org/download.cgi
Share on: