CVE-2025-65082

Gravedad:

Pendiente de análisis

Tipo:

No Disponible / Otro tipo

Fecha de publicación:

05/12/2025

Última modificación:

05/12/2025

Descripción

*** Pendiente de traducción *** Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs.<br /> <br /> This issue affects Apache HTTP Server from 2.4.0 through 2.4.65.<br /> <br /> Users are recommended to upgrade to version 2.4.66 which fixes the issue.

Impacto

Referencias a soluciones, herramientas e información

https://httpd.apache.org/security/vulnerabilities_24.html
http://www.openwall.com/lists/oss-security/2025/12/04/7