PT-2025-29120 · Apache+8 · Apache Http Server+8

Gal Bar Nahum

Published

2025-07-10

Updated

2026-06-04

CVE-2025-53020

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.17 through 2.4.63

Description: A late release of memory after effective lifetime issue exists in Apache HTTP Server.

Recommendations: Upgrade to version 2.4.64.

Fix

DoS

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2026:22140

ALSA-2026:22528

ALSA-2026:22551

ALT-PU-2025-9538

ALT-PU-2025-9924

AZL-65094

AZL-65109

BDU:2025-08955

BIT-APACHE-2025-53020

CVE-2025-53020

DLA-4270-1

MGASA-2025-0301

OPENSUSE-SU-2025:15360-1

OPENSUSE-SU-2026:20810-1

SUSE-SU-2025:02565-1

SUSE-SU-2025:02682-1

SUSE-SU-2025:02683-1

SUSE-SU-2025:02684-1

SUSE-SU-2025:02685-1

SUSE-SU-2025_02565-1

SUSE-SU-2025_02682-1

SUSE-SU-2025_02683-1

SUSE-SU-2025_02684-1

SUSE-SU-2025_02685-1

SUSE-SU-2026:21846-1

USN-7639-1

USN-7639-2

Affected Products

Alt Linux

Apache Http Server

Astra Linux

Debian

Linuxmint

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2025-53020

Weakness Enumeration

Related Identifiers

Affected Products

References · 114