VYPR
Unrated severityNVD Advisory· Published Dec 5, 2025· Updated Dec 5, 2025

Apache HTTP Server: mod_md (ACME), unintended retry intervals

CVE-2025-55753

Description

An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds.

This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66.

Users are recommended to upgrade to version 2.4.66, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

74

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.