CVE-2025-55753: An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Kurzinfo

Veroeffentlicht: 2025-12-04 00:00 UTC Importiert: 2026-05-14 20:48 UTC CVSS: 7.5 Quelle-ID: apache_httpd_sec uid_hash: fed6d2d8fbbdb690cfc1e87652af3d750ed556838f4566054b02a183f447ed41
Apache HTTP Server Security (httpd.org JSON)

Verknuepfte CVEs

CVE-ID Severity (CVE.org) CVSS (CVE.org) EPSS EPSS-% Veroeffentlicht (CVE.org)

CVE-2025-55753

 HIGH 7.5 - - 2025-12-05

Quellen-Details

Bezeichnung Name Kategorie Tags Zielgruppe Sprache Feed-URL
Apache HTTP Server Security (httpd.org JSON)

apache_httpd_sec

 vendor_advisory webserver, httpd - de https://httpd.apache.org/security/vulnerabilities-httpd.json
Zurueck zur Eintrags-Liste