CVE-2025-55753
EUVD-2025-20139505.12.2025, 11:15
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | 2.4.30 ≤ 𝑥 < 2.4.66 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| apache2 |
| ||||||||||||||||||||
| apache2-devel |
| ||||||||||||||||||||
| apache2-doc |
| ||||||||||||||||||||
| apache2-example-pages |
| ||||||||||||||||||||
| apache2-prefork |
| ||||||||||||||||||||
| apache2-tls13 |
| ||||||||||||||||||||
| apache2-tls13-devel |
| ||||||||||||||||||||
| apache2-tls13-doc |
| ||||||||||||||||||||
| apache2-tls13-example-pages |
| ||||||||||||||||||||
| apache2-tls13-prefork |
| ||||||||||||||||||||
| apache2-tls13-utils |
| ||||||||||||||||||||
| apache2-tls13-worker |
| ||||||||||||||||||||
| apache2-utils |
| ||||||||||||||||||||
| apache2-worker |
|
