CVE-2025-53020

Published Jul 10, 2025

Last updated 3 days ago

CVSS high 7.5

Overview

Description
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue.
Source
security@apache.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity
HIGH

Weaknesses

security@apache.org
CWE-401

Social media

Hype score
Not currently trending

  1. Warning: A High-Severity vulnerability in @apache_httpd (CVE-2025-53020, CVSS 7.5) allows Denial of Service attacks and poses a serious risk to your systems. Immediate action is critical! Protect your infrastructure now. Details: https://t.co/skZowBw1hR #Cybersecurity #Patch

    @CCBalert

    15 Jul 2025

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.