AIX Open Source

View Only

httpd 2.4.64 is vulnerable via Tenables Nessus (CVE-2025-54090)

Scott Gruber posted Tue August 05, 2025 12:26 PM

Our security dept. has flagged httpd 2.4.64 as vulnerable via CVE-2025-54090. Please provide an ETA on the fix.

Thanks,

RESHMA KUMAR posted Wed August 06, 2025 09:05 AM

Hi Scott,
This CVE affects OpenSSH.
Please refer https://www.ibm.com/support/pages/security-bulletin-aixvios-vulnerable-expected-behavior-violation-cve-2025-32728-due-openssh for the fix

Scott Gruber posted Wed August 06, 2025 09:12 AM

Hi Kumar, ah yes I pasted the wrong CVE as we had 2 and fixed the OpenSSH one - I adjusted the CVE to reflect httpd is vuln to CVE-2025-54090 - Thanks

RESHMA KUMAR posted Wed August 06, 2025 11:51 AM

We will be uploading httpd 2.4.65 by Friday. This version has fix for CVE-2025-54090.

AIX Open Source

httpd 2.4.64 is vulnerable via Tenables Nessus (CVE-2025-54090)

Additional
Resources

Office

Quick Links

AIX Open Source

httpd 2.4.64 is vulnerable via Tenables Nessus (CVE-2025-54090)

Related Content

httpd 2.4.49 or greater - needed to address CVE-2021-40438

Please update httpd > httpd-2.4.64

httpd security vulnerability fix

httpd security vulnerability fix

httpd security vulnerability fix

Additional Resources

Office

Quick Links

Additional
Resources