AZL-65654

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65654.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-65654
Upstream
Published
2025-07-23T14:15:34Z
Modified
2026-04-01T05:20:52.832192Z
Summary
CVE-2025-54090 affecting package httpd for versions less than 2.4.65-1
Details

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

Users are recommended to upgrade to version 2.4.65, which fixes the issue.

References

Affected packages

Azure Linux:3 / httpd

Package

Name
httpd
Purl
pkg:rpm/azure-linux/httpd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.65-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65654.json"