Apache HTTP Server Rewrite Condition Evaluation Vulnerability

Vulnerability

A vulnerability in Apache HTTP Server version 2.4.64 causes all 'RewriteCond expr ...' conditions to incorrectly evaluate as 'true'. This flaw can disrupt expected behavior in configurations relying on conditional rewrites, potentially leading to unintended URL processing or access control bypasses. The issue is fixed in version 2.4.65.

Impact

Exploitation of this vulnerability could lead to incorrect URL rewriting, causing access control bypasses or unintended resource exposure.

Remediation

Users are advised to upgrade to Apache HTTP Server version 2.4.65, which addresses this vulnerability.
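
Until the upgrade is in place, it helps to know which rewrite rules depend on the affected condition form. The following is an added example, not part of the original advisory or of Apache's own tooling: it checks an `httpd -v` style banner for 2.4.64 and lists every active 'RewriteCond expr ...' line in a configuration. The function names, the banner text and the sample configuration are constructed for illustration.

```python
import re

AFFECTED = "2.4.64"  # per the advisory above; fixed in 2.4.65
# RewriteCond whose TestString is the keyword expr (optionally quoted).
EXPR_COND = re.compile(r'^\s*RewriteCond\s+(["\']?)expr\1\s+(.+)$', re.IGNORECASE)
VERSION = re.compile(r"Apache/(\d+\.\d+\.\d+)")

def logical_lines(text):
    """Yield (first_line_no, line), joining trailing-backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = start or no
        if raw.endswith("\\"):
            buf += raw[:-1] + " "
            continue
        yield start, buf + raw
        buf, start = "", None
    if buf:
        yield start, buf

def find_expr_conds(text):
    """Return [(line_no, expression)] for each active 'RewriteCond expr ...'."""
    hits = []
    for no, line in logical_lines(text):
        m = None if line.lstrip().startswith("#") else EXPR_COND.match(line)
        if m:
            hits.append((no, m.group(2).strip()))
    return hits

def is_affected(banner):
    """True when the version banner reports the affected release."""
    m = VERSION.search(banner)
    return bool(m) and m.group(1) == AFFECTED

# Constructed sample input, not taken from a real server.
SAMPLE_BANNER = "Server version: Apache/2.4.64 (Unix)"
SAMPLE_CONF = '''\
# RewriteCond expr "false"
RewriteCond expr "-R '10.0.0.0/8'"
RewriteRule ^/admin - [L]
RewriteCond %{REQUEST_URI} ^/public
RewriteCond "expr" \\
    "%{HTTP_HOST} == 'internal.example'"
RewriteRule ^ - [F]
'''

if __name__ == "__main__" and is_affected(SAMPLE_BANNER):
    for no, expr in find_expr_conds(SAMPLE_CONF):
        print(f"line {no}: RewriteCond expr {expr}")
```

Each reported line guards a RewriteRule whose condition is treated as met on 2.4.64, so those rules are the ones to review first.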

Added: Jul 23, 2025, 2:17 PM
Updated: Jul 23, 2025, 2:17 PM

Vulnerability Rating

Custom Algorithm

spread: 9.4
impact: 2.5
exploitability: 7.6
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.