cve 2025 49630

About this tag
CVE-2025-49630 is a denial-of-service vulnerability in Apache HTTP Server's mod_proxy_http2 module. An untrusted client can trigger an assertion failure in specific reverse-proxy configurations, causing a reliable DoS condition. The flaw affects Apache HTTP Server versions 2.4.26 through 2.4.63 and is fixed in version 2.4.64. Operators running impacted configurations should patch urgently. This tag covers discussions and guidance on CVE-2025-49630, including affected versions, mitigation steps, and the importance of updating to the patched release.
  1. CVE-2025-49630 DoS in Apache mod_proxy_http2: Patch Now

    A recently disclosed vulnerability, tracked as CVE-2025-49630, allows an untrusted client to trigger an assertion failure inside Apache HTTP Server’s mod_proxy_http2 module in particular reverse-proxy configurations, producing a reliable denial-of-service (DoS) condition against affected...