vulnerability
Alpine Linux: CVE-2025-59775: Server-Side Request Forgery (SSRF)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | Dec 5, 2025 | Dec 8, 2025 | Dec 8, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
Dec 5, 2025
Added
Dec 8, 2025
Modified
Dec 8, 2025
Description
Server-Side Request Forgery (SSRF) vulnerability
in Apache HTTP Server on Windows
with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM
hashes to a malicious server via SSRF and malicious requests or content
Users are recommended to upgrade to version 2.4.66, which fixes the issue.
in Apache HTTP Server on Windows
with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM
hashes to a malicious server via SSRF and malicious requests or content
Users are recommended to upgrade to version 2.4.66, which fixes the issue.
Solution
alpine-linux-upgrade-apache2
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.