{"id":"AZL-71851","summary":"CVE-2025-55753 affecting package mod_md 2.2.7-4","details":"An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds.\n\nThis issue affects Apache HTTP Server: from 2.4.30 before 2.4.66.\n\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.","modified":"2026-04-01T05:22:06.463293Z","published":"2025-12-05T11:15:51Z","upstream":["CVE-2025-55753"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55753"}],"affected":[{"package":{"name":"mod_md","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/mod_md"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"2.2.7-4"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71851.json"}}],"schema_version":"1.7.5"}