IBM HTTP Server is affected by a security bypass vulnerability due to the included Apache HTTP Server (CVE-2025-54090)

Authors: Created by IBM

IBM HTTP Server used by IBM WebSphere Application Server is affected by a security bypass vulnerability due to the included Apache HTTP Server.This affects IBM HTTP Server with IFPH67153 installed. CVEID: CVE-2025-54090 ^[1]
DESCRIPTION: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".Users are recommended to upgrade to version 2.4.65, which fixes the issue.
CWE:...

Just published by IBM: Read more