usn-7968-1
Vulnerability from osv_ubuntu
Published
2026-01-19 14:59
Modified
2026-04-27 14:11
Summary
apache2 vulnerabilities
Details

It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal attempts to be repeated without delays, possibly leading to a denial of service. (CVE-2025-55753)

Anthony Parfenov discovered that the Apache HTTP Server would pass the query string to cmd directives when configured with Server Side Includes (SSI) enabled and mod_cgid. An attacker could possibly use this issue to execute arbitrary code. (CVE-2025-58098)

Mattias Åsander discovered that the Apache HTTP Server incorrectly neutralized certain environment variables. This could result in unexpectedly superseding variables calculated by the server for CGI programs. (CVE-2025-65082)

Mattias Åsander discovered that the Apache HTTP Server incorrectly handled AllowOverride FileInfo configurations when using mod_userdir with suexec. An attacker with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. (CVE-2025-66200)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2025-55753",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-58098",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-65082",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-66200",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "apache2",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "apache2-bin",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "apache2-data",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "apache2-suexec-custom",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "apache2-suexec-pristine",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "apache2-utils",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "libapache2-mod-md",
            "binary_version": "2.4.52-1ubuntu4.18"
          },
          {
            "binary_name": "libapache2-mod-proxy-uwsgi",
            "binary_version": "2.4.52-1ubuntu4.18"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:22.04:LTS",
        "name": "apache2",
        "purl": "pkg:deb/ubuntu/apache2@2.4.52-1ubuntu4.18?arch=source\u0026distro=jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.52-1ubuntu4.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.4.48-3.1ubuntu3",
        "2.4.48-3.1ubuntu4",
        "2.4.51-2ubuntu1",
        "2.4.52-1ubuntu1",
        "2.4.52-1ubuntu2",
        "2.4.52-1ubuntu4",
        "2.4.52-1ubuntu4.1",
        "2.4.52-1ubuntu4.2",
        "2.4.52-1ubuntu4.3",
        "2.4.52-1ubuntu4.4",
        "2.4.52-1ubuntu4.5",
        "2.4.52-1ubuntu4.6",
        "2.4.52-1ubuntu4.7",
        "2.4.52-1ubuntu4.8",
        "2.4.52-1ubuntu4.9",
        "2.4.52-1ubuntu4.10",
        "2.4.52-1ubuntu4.11",
        "2.4.52-1ubuntu4.12",
        "2.4.52-1ubuntu4.13",
        "2.4.52-1ubuntu4.14",
        "2.4.52-1ubuntu4.15",
        "2.4.52-1ubuntu4.16"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2025-55753",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-58098",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-65082",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-66200",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:24.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "apache2",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "apache2-bin",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "apache2-data",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "apache2-suexec-custom",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "apache2-suexec-pristine",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "apache2-utils",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "libapache2-mod-md",
            "binary_version": "2.4.58-1ubuntu8.10"
          },
          {
            "binary_name": "libapache2-mod-proxy-uwsgi",
            "binary_version": "2.4.58-1ubuntu8.10"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:24.04:LTS",
        "name": "apache2",
        "purl": "pkg:deb/ubuntu/apache2@2.4.58-1ubuntu8.10?arch=source\u0026distro=noble"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.58-1ubuntu8.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.4.57-2ubuntu2",
        "2.4.57-2ubuntu3",
        "2.4.58-1ubuntu1",
        "2.4.58-1ubuntu2",
        "2.4.58-1ubuntu6",
        "2.4.58-1ubuntu7",
        "2.4.58-1ubuntu8",
        "2.4.58-1ubuntu8.1",
        "2.4.58-1ubuntu8.2",
        "2.4.58-1ubuntu8.3",
        "2.4.58-1ubuntu8.4",
        "2.4.58-1ubuntu8.5",
        "2.4.58-1ubuntu8.6",
        "2.4.58-1ubuntu8.7",
        "2.4.58-1ubuntu8.8"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2025-55753",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-58098",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-65082",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2025-66200",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:25.10"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "apache2",
            "binary_version": "2.4.64-1ubuntu3.2"
          },
          {
            "binary_name": "apache2-bin",
            "binary_version": "2.4.64-1ubuntu3.2"
          },
          {
            "binary_name": "apache2-data",
            "binary_version": "2.4.64-1ubuntu3.2"
          },
          {
            "binary_name": "apache2-suexec-custom",
            "binary_version": "2.4.64-1ubuntu3.2"
          },
          {
            "binary_name": "apache2-suexec-pristine",
            "binary_version": "2.4.64-1ubuntu3.2"
          },
          {
            "binary_name": "apache2-utils",
            "binary_version": "2.4.64-1ubuntu3.2"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:25.10",
        "name": "apache2",
        "purl": "pkg:deb/ubuntu/apache2@2.4.64-1ubuntu3.2?arch=source\u0026distro=questing"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4.64-1ubuntu3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.4.63-1ubuntu1",
        "2.4.63-1ubuntu3",
        "2.4.64-1ubuntu2",
        "2.4.64-1ubuntu3"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the Apache HTTP Server incorrectly handled failed\nACME certificate renewals. This could result in renewal attempts to be\nrepeated without delays, possibly leading to a denial of service.\n(CVE-2025-55753)\n\nAnthony Parfenov discovered that the Apache HTTP Server would pass the\nquery string to cmd directives when configured with Server Side Includes\n(SSI) enabled and mod_cgid. An attacker could possibly use this issue to\nexecute arbitrary code. (CVE-2025-58098)\n\nMattias \u00c5sander discovered that the Apache HTTP Server incorrectly\nneutralized certain environment variables. This could result in\nunexpectedly superseding variables calculated by the server for CGI\nprograms. (CVE-2025-65082)\n\nMattias \u00c5sander discovered that the Apache HTTP Server incorrectly\nhandled AllowOverride FileInfo configurations when using mod_userdir with\nsuexec. An attacker with access to use the RequestHeader directive in\nhtaccess can cause some CGI scripts to run under an unexpected userid.\n(CVE-2025-66200)",
  "id": "USN-7968-1",
  "modified": "2026-04-27T14:11:47Z",
  "published": "2026-01-19T14:59:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-7968-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2025-55753"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2025-58098"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2025-65082"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2025-66200"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "apache2 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2025-55753",
    "UBUNTU-CVE-2025-58098",
    "UBUNTU-CVE-2025-65082",
    "UBUNTU-CVE-2025-66200"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…