CVE-2026-29168
published 2026-05-05CVE-2026-29168: Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache HTTP…
high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data.
This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66.
Users are recommended to upgrade to version 2.4.67, which fixes the issue.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | >= 2.4.30 < 2.4.67 | 2.4.67 |
| apache_software_foundation | apache_http_server | 2.4.30 – 2.4.66 | — |
| httpd_2.4 | mod_md | — | — |
| ubuntu | apache2 | — | — |