CVE-2025-3891

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-3891

Severity

7.5

High

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-3891
https://github.com/advisories/GHSA-v96g-5j57-774c
https://access.redhat.com/errata/RHSA-2025:10002
https://access.redhat.com/errata/RHSA-2025:10003
https://access.redhat.com/errata/RHSA-2025:10004
https://access.redhat.com/errata/RHSA-2025:10006
https://access.redhat.com/errata/RHSA-2025:10007
https://access.redhat.com/errata/RHSA-2025:10008
https://access.redhat.com/errata/RHSA-2025:10010
https://access.redhat.com/errata/RHSA-2025:4597
https://access.redhat.com/errata/RHSA-2025:9396
https://access.redhat.com/security/cve/CVE-2025-3891
https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-x7cf-8wgv-5j86
https://lists.debian.org/debian-lts-announce/2025/05/msg00007.html
https://bugzilla.redhat.com/show_bug.cgi?id=2361633
https://github.com/OpenIDC/mod_auth_openidc/commit/6a0b5f66c87184dfe0e4400f6bdd46a82dc0ec2b

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2025-3891

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company