Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

SUSE 16.0 Apache2 Important Update Multiple Issues Exploit 2026-21846-1

suse
Calendar Grey June 1, 2026
Dist Suse Esm H88
SUSE Apache2 important security update resolves multiple vulnerabilities. Ensure your system is up to date with this patch.

An update that solves 12 vulnerabilities and contains one feature can now be installed.

Summary

## This update for apache2 fixes the following issues: Changes in apache2: Version update to 2.4.66 (jsc#PED-16181) _) SECURITY: CVE-2025-66200: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo. mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65._) SECURITY: CVE-2025-65082: Apache HTTP Server: CGI environment variable override. Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache

Topics%20covered

Topics Covered

security advisory security issue SuSE exploit important apache2

References

* jsc#PED-16181

Cross-

* CVE-2024-42516

* CVE-2024-43204

* CVE-2024-47252

* CVE-2025-23048

* CVE-2025-49630

* CVE-2025-49812

* CVE-2025-53020

* CVE-2025-55753

* CVE-2025-58098

* CVE-2025-59775

* CVE-2025-65082

* CVE-2025-66200

CVSS scores:

* CVE-2024-42516 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-42516 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

* CVE-2024-42516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2024-43204 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2024-43204 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2024-43204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21846-1
Release Date: 2026-05-26T09:51:49Z
Rating: important

Topics%20covered

Topics Covered

security advisory security issue SuSE exploit important apache2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here