CNNVD-202512-691 Information

CNNVD ID

CNNVD-202512-691

Related CVE

CVE-2025-55753

• CNNVD Published: 2025-12-05

Description (Chinese)

Apache HTTP Server是美国阿帕奇（Apache）基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。 Apache HTTP Server 2.4.30版本至2.4.66之前版本存在安全漏洞，该漏洞源于ACME证书续订失败时的整数溢出，可能导致无延迟重复尝试续订。

Description (English)

Apache HTTP Server is an open-source web server of the Apache Foundation in the United States. The server has a fast, reliable character and can be expanded through a simple API. There was a security loophole in the pre-Apache HTTP Server 2.4.30 to 2.4.66 versions, which resulted from the integer spill when the ACME certificate failed to renew, which could lead to repeated attempts to renew without delay.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-12-05

Last Modified

2026-02-24

References

http://www.openwall.com/lists/oss-security/2025/12/04/4 https://vigilance.fr/vulnerability/Apache-

Patch

https://httpd.apache.org/download.cgi