apache2 (SUSE:Linux Enterprise Server 15 SP6-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP6-LTSS package apache2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2025-58098 — CVSS 8.3 (high): Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query…
CVE-2025-55753 — CVSS 7.5 (high): An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations)…
CVE-2025-65082 — CVSS 6.5 (medium): Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the…
CVE-2025-66200 — CVSS 5.4 (medium): mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader…