{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T14:32:40.553","vulnerabilities":[{"cve":{"id":"CVE-2025-53020","sourceIdentifier":"security@apache.org","published":"2025-07-10T17:15:48.337","lastModified":"2025-11-04T22:16:21.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de liberación tardía de memoria tras el tiempo de vida útil efectivo en el servidor Apache HTTP. Este problema afecta al servidor Apache HTTP desde la versión 2.4.17 hasta la 2.4.63. Se recomienda actualizar a la versión 2.4.64, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.17","versionEndExcluding":"2.4.64","matchCriteriaId":"AD8F0C5C-64B1-4F7D-91B1-B2B87CD824B2"}]}]}],"references":[{"url":"https://httpd.apache.org/security/vulnerabilities_24.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2025/07/10/10","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}