Unrated severityNVD Advisory· Published Jul 10, 2025· Updated Nov 4, 2025
Apache HTTP Server: HTTP/2 DoS by Memory Increase
CVE-2025-53020
Description
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.
This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.
Users are recommended to upgrade to version 2.4.64, which fixes the issue.
Affected products
2- Range: 2.4.17 - 2.4.63
- Apache Software Foundation/Apache HTTP Serverv5Range: 2.4.17
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- httpd.apache.org/security/vulnerabilities_24.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.