CVE-2025-49812 – Apache HTTP Server mod_ssl TLS Desynchronisation Hijack Vulnerability

July 10, 2025

CVE ID : CVE-2025-49812

Published : July 10, 2025, 5:15 p.m. | 2 hours, 3 minutes ago

Description : In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.

Only configurations using “SSLEngine optional” to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53020 – Apache HTTP Server Memory Disclosure

Next Article CVE-2025-49630 – Apache HTTP Server mod_proxy_http2 Denial of Service Vulnerability

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

51% claimed already: This Xbox Edition mechanical keyboard is at its lowest price yet while this sale lasts — Nostalgic green transparency for the win

This RDR2 deal feels like highway robbery — grab the “Wild West masterpiece” today before it rides off into the sunset

Grab these 7 Xbox games all under $40 — you don’t have long before Amazon Prime Day ends, so act fast

After 24 hours with Samsung’s Galaxy Z Flip 7, one big thing stands out

The details of TC39’s last meeting

The details of TC39’s last meeting

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Intelligent Automation in the Healthcare Sector with n8n, OpenAI, and Pinecone

51% claimed already: This Xbox Edition mechanical keyboard is at its lowest price yet while this sale lasts — Nostalgic green transparency for the win

51% claimed already: This Xbox Edition mechanical keyboard is at its lowest price yet while this sale lasts — Nostalgic green transparency for the win

This RDR2 deal feels like highway robbery — grab the “Wild West masterpiece” today before it rides off into the sunset

Grab these 7 Xbox games all under $40 — you don’t have long before Amazon Prime Day ends, so act fast

CVE-2025-49812 – Apache HTTP Server mod_ssl TLS Desynchronisation Hijack Vulnerability

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

CVE-2025-48494 – Gokapi Stored Cross-Site Scripting Vulnerability

CVE-2025-7412 – “Code-Projects Library System Unrestricted File Upload Vulnerability”

CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code

Chrome just got a whole lot faster—and it’s not just talk this time

CVE-2025-5980 – Code-projects Restaurant Order System SQL Injection Vulnerability

NVIDIA driver issues branded “absolutely abhorrent and completely embarrassing” — Gamers Nexus replicates bugs plaguing PC gamers

How to create a mesh gradient generator in HTML, CSS and JavaScript

CVE-2025-45387 – osTicket Broken Access Control Vulnerability

CVE-2025-49812 – Apache HTTP Server mod_ssl TLS Desynchronisation Hijack Vulnerability

Related Posts