Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-29404 (GCVE-0-2022-29404)
Vulnerability from cvelistv5 – Published: 2022-06-08 10:00 – Updated: 2024-08-03 06:17
VLAI
EPSS
Title
Denial of service in mod_lua r:parsebody
Summary
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Severity
No CVSS data available.
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://httpd.apache.org/security/vulnerabilities… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2022/06/08/5 | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2022062… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://security.gentoo.org/glsa/202208-20 | vendor-advisoryx_refsource_GENTOO |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Affected:
unspecified , ≤ 2.4.53
(custom)
|
Credits
The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:17:55.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0005/"
},
{
"name": "FEDORA-2022-e620fb15d5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"
},
{
"name": "FEDORA-2022-b54a8dee29",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.4.53",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size."
}
],
"metrics": [
{
"other": {
"content": {
"other": "low"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T01:06:33.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0005/"
},
{
"name": "FEDORA-2022-e620fb15d5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"
},
{
"name": "FEDORA-2022-b54a8dee29",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2022-06-08T00:00:00.000Z",
"value": "released in 2.4.54"
}
],
"title": "Denial of service in mod_lua r:parsebody",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29404",
"STATE": "PUBLIC",
"TITLE": "Denial of service in mod_lua r:parsebody"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.53"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0005/"
},
{
"name": "FEDORA-2022-e620fb15d5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"
},
{
"name": "FEDORA-2022-b54a8dee29",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2022-06-08T00:00:00.000Z",
"value": "released in 2.4.54"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-29404",
"datePublished": "2022-06-08T10:00:52.000Z",
"dateReserved": "2022-04-16T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:17:55.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-29404",
"date": "2026-05-29",
"epss": "0.02008",
"percentile": "0.83982"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-29404\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2022-06-09T17:15:09.283\",\"lastModified\":\"2024-11-21T06:59:01.000\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.\"},{\"lang\":\"es\",\"value\":\"En Apache HTTP Server 2.4.53 y anteriores, una petici\u00f3n maliciosa a un script lua que llame a r:parsebody(0) puede causar una denegaci\u00f3n de servicio debido a que no presenta un l\u00edmite por defecto en el tama\u00f1o posible de la entrada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.4.53\",\"matchCriteriaId\":\"B39537A1-5A13-491A-B333-BB53FF718EA7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2022/06/08/5\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220624-0005/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/06/08/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220624-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
GHSA-JQ5M-VPG7-GHPV
Vulnerability from github – Published: 2022-06-10 00:00 – Updated: 2022-06-17 00:01
VLAI
Details
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2022-29404"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-09T17:15:00Z",
"severity": "HIGH"
},
"details": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"id": "GHSA-jq5m-vpg7-ghpv",
"modified": "2022-06-17T00:01:28Z",
"published": "2022-06-10T00:00:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404"
},
{
"type": "WEB",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20220624-0005"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2022-29404
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-29404",
"description": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"id": "GSD-2022-29404",
"references": [
"https://security.archlinux.org/CVE-2022-29404",
"https://advisories.mageia.org/CVE-2022-29404.html",
"https://www.suse.com/security/cve/CVE-2022-29404.html",
"https://ubuntu.com/security/CVE-2022-29404",
"https://alas.aws.amazon.com/cve/html/CVE-2022-29404.html",
"https://access.redhat.com/errata/RHSA-2022:6753",
"https://access.redhat.com/errata/RHSA-2022:7647",
"https://access.redhat.com/errata/RHSA-2022:8067"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-29404"
],
"details": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"id": "GSD-2022-29404",
"modified": "2023-12-13T01:19:41.710588Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29404",
"STATE": "PUBLIC",
"TITLE": "Denial of service in mod_lua r:parsebody"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.4.53"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "low"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220624-0005/"
},
{
"name": "FEDORA-2022-e620fb15d5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"
},
{
"name": "FEDORA-2022-b54a8dee29",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "eng",
"time": "2022-06-08",
"value": "released in 2.4.54"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.53",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29404"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20220608 CVE-2022-29404: Apache HTTP Server: Denial of service in mod_lua r:parsebody",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2022/06/08/5"
},
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220624-0005/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220624-0005/"
},
{
"name": "FEDORA-2022-e620fb15d5",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"
},
{
"name": "FEDORA-2022-b54a8dee29",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-08-24T18:17Z",
"publishedDate": "2022-06-09T17:15Z"
}
}
}
ICSA-25-133-01
Vulnerability from csaf_cisa - Published: 2025-02-25 13:30 - Updated: 2025-02-25 13:30Summary
Hitachi Energy Service Suite
Severity
Critical
Notes
Summary: Hitachi Energy is aware of the multiple vulnerabilities related to open-source Apache Tomcat components that affect the Service Suite product versions listed in this document. An attacker successfully exploiting these
vulnerabilities can cause confidentiality, integrity and availability impacts.
Please refer to the Recommended Immediate Actions for information about the mitigation/remediation.
Notice: The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.
Support: For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.
General Mitigation Factors: Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Hitachi Energy PSIRT 8DBD000209 from a direct conversion of their vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Hitachi Energy PSIRT directly for any questions regarding this advisory.
Critical infrastructure sectors: Energy
Countries/areas deployed: Worldwide
Company headquarters location: Switzerland
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
9 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite version 9.8.1.4
Hitachi Energy / Service Suite
|
9.8.1.4 |
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hitachi Energy Service Suite versions 9.8.1.3 and below
Hitachi Energy / Service Suite
|
<=9.8.1.3 |
Vendor Fix
|
References
10 references
Acknowledgments
Hitachi Energy PSIRT
{
"document": {
"acknowledgments": [
{
"organization": "Hitachi Energy PSIRT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/specification-document",
"text": "CRITICAL"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "summary",
"text": "Hitachi Energy is aware of the multiple vulnerabilities related to open-source Apache Tomcat components that affect the Service Suite product versions listed in this document. An attacker successfully exploiting these\nvulnerabilities can cause confidentiality, integrity and availability impacts.\nPlease refer to the Recommended Immediate Actions for information about the mitigation/remediation.",
"title": "Summary"
},
{
"category": "legal_disclaimer",
"text": "The information in this document is subject to change without notice and should not be construed as a commitment by Hitachi Energy. Hitachi Energy provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall Hitachi Energy or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if Hitachi Energy or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from Hitachi Energy and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.",
"title": "Notice"
},
{
"category": "general",
"text": "For additional information and support please contact your product provider or Hitachi Energy service organization. For contact information, see https://www.hitachienergy.com/contact-us/ for Hitachi Energy contact-centers.",
"title": "Support"
},
{
"category": "general",
"text": "Recommended security practices and firewall configurations can help protect a process control network from attacks that originate from outside the network. Such practices include that process control systems are physically protected from direct access by unauthorized personnel, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed, and others that have to be evaluated case by case. Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails. Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system. Proper password policies and processes should be followed.",
"title": "General Mitigation Factors"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Hitachi Energy PSIRT 8DBD000209 from a direct conversion of their vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Hitachi Energy PSIRT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Energy",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Switzerland",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-25-133-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-133-01.json"
},
{
"category": "self",
"summary": "Cybersecurity Advisory - Apache Tomcat Vulnerabilities in Hitachi Energy Service Suite Product",
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000209\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=launch"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-25-133-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Hitachi Energy Service Suite",
"tracking": {
"current_release_date": "2025-02-25T13:30:00.000000Z",
"generator": {
"date": "2025-05-13T18:02:50.443527Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-25-133-01",
"initial_release_date": "2025-02-25T13:30:00.000000Z",
"revision_history": [
{
"date": "2025-02-25T13:30:00.000000Z",
"number": "1",
"summary": "Initial version."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=9.8.1.3",
"product": {
"name": "Hitachi Energy Service Suite versions 9.8.1.3 and below",
"product_id": "CSAFPID-0001"
}
},
{
"category": "product_version",
"name": "9.8.1.4",
"product": {
"name": "Hitachi Energy Service Suite version 9.8.1.4",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Service Suite"
}
],
"category": "vendor",
"name": "Hitachi Energy"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-31813",
"cwe": {
"id": "CWE-348",
"name": "Use of Less Trusted Source"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-25690",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-28615",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-36760",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 9,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-27522",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2006-20001",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-29404",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-30556",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-30522",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-26377",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-31122",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-43622",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2023-45802",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-37436",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-28614",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2022-28330",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Apache HTTP Server 2.4 vulnerabilities"
}
],
"product_status": {
"fixed": [
"CSAFPID-0002"
],
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "Apache HTTP Server 2.4 vulnerabilities",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to version 9.8.1.4",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
OPENSUSE-SU-2024:12142-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
apache2-2.4.54-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: apache2-2.4.54-1.1 on GA media
Description of the patch: These are all security issues fixed in the apache2-2.4.54-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-12142
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apache2-2.4.54-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apache2-2.4.54-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12142",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12142-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26377 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28330 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28330/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28614 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28615 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30522 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30556 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31813 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31813/"
}
],
"title": "apache2-2.4.54-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12142-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.54-1.1.aarch64",
"product": {
"name": "apache2-2.4.54-1.1.aarch64",
"product_id": "apache2-2.4.54-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.54-1.1.ppc64le",
"product": {
"name": "apache2-2.4.54-1.1.ppc64le",
"product_id": "apache2-2.4.54-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.54-1.1.s390x",
"product": {
"name": "apache2-2.4.54-1.1.s390x",
"product_id": "apache2-2.4.54-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.54-1.1.x86_64",
"product": {
"name": "apache2-2.4.54-1.1.x86_64",
"product_id": "apache2-2.4.54-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64"
},
"product_reference": "apache2-2.4.54-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le"
},
"product_reference": "apache2-2.4.54-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.54-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x"
},
"product_reference": "apache2-2.4.54-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
},
"product_reference": "apache2-2.4.54-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-26377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26377"
}
],
"notes": [
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26377",
"url": "https://www.suse.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "SUSE Bug 1200338 for CVE-2022-26377",
"url": "https://bugzilla.suse.com/1200338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28330",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28330"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28330",
"url": "https://www.suse.com/security/cve/CVE-2022-28330"
},
{
"category": "external",
"summary": "SUSE Bug 1200339 for CVE-2022-28330",
"url": "https://bugzilla.suse.com/1200339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28330"
},
{
"cve": "CVE-2022-28614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28614"
}
],
"notes": [
{
"category": "general",
"text": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the \u0027ap_rputs\u0027 function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28614",
"url": "https://www.suse.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "SUSE Bug 1200340 for CVE-2022-28614",
"url": "https://bugzilla.suse.com/1200340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28615"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28615",
"url": "https://www.suse.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "SUSE Bug 1200341 for CVE-2022-28615",
"url": "https://bugzilla.suse.com/1200341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29404"
}
],
"notes": [
{
"category": "general",
"text": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29404",
"url": "https://www.suse.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "SUSE Bug 1200345 for CVE-2022-29404",
"url": "https://bugzilla.suse.com/1200345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30522"
}
],
"notes": [
{
"category": "general",
"text": "If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30522",
"url": "https://www.suse.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "SUSE Bug 1200352 for CVE-2022-30522",
"url": "https://bugzilla.suse.com/1200352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30556"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30556",
"url": "https://www.suse.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "SUSE Bug 1200350 for CVE-2022-30556",
"url": "https://bugzilla.suse.com/1200350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31813"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31813",
"url": "https://www.suse.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "SUSE Bug 1200348 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "external",
"summary": "SUSE Bug 1219585 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1219585"
},
{
"category": "external",
"summary": "SUSE Bug 1225670 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1225670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.54-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.54-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-31813"
}
]
}
RHSA-2022:6753
Vulnerability from csaf_redhat - Published: 2022-09-29 13:33 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: httpd24-httpd security and bug fix update
Severity
Moderate
Notes
Topic: An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)
* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)
* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)
* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)
* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)
* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)
* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)
* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)
Additional changes:
* To fix CVE-2022-29404, the default value for the "LimitRequestBody" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB.
On systems where the value of "LimitRequestBody" is not explicitly specified in an httpd configuration file, updating the httpd package sets "LimitRequestBody" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.
If the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:
LimitRequestBody 2147483648
Systems already configured to use any explicit value for the "LimitRequestBody" directive are unaffected by this change.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.
8.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.
7.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.
7.4 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.
8.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.
6.5 (Medium)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.
5.3 (Medium)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.
7.4 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.
7.3 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
92 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd24-httpd is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)\n\n* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)\n\n* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)\n\n* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)\n\n* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)\n\n* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)\n\nAdditional changes:\n\n* To fix CVE-2022-29404, the default value for the \"LimitRequestBody\" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB. \n\nOn systems where the value of \"LimitRequestBody\" is not explicitly specified in an httpd configuration file, updating the httpd package sets \"LimitRequestBody\" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.\n\nIf the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:\n\nLimitRequestBody 2147483648\n\nSystems already configured to use any explicit value for the \"LimitRequestBody\" directive are unaffected by this change.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6753",
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/6975397",
"url": "https://access.redhat.com/articles/6975397"
},
{
"category": "external",
"summary": "1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6753.json"
}
],
"title": "Red Hat Security Advisory: httpd24-httpd security and bug fix update",
"tracking": {
"current_release_date": "2026-05-14T22:32:51+00:00",
"generator": {
"date": "2026-05-14T22:32:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:6753",
"initial_release_date": "2022-09-29T13:33:06+00:00",
"revision_history": [
{
"date": "2022-09-29T13:33:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-29T13:33:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.34-23.el7.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966728"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Request splitting via HTTP/2 method injection and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "RHBZ#1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"category": "external",
"summary": "https://portswigger.net/research/http2",
"url": "https://portswigger.net/research/http2"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. More information available at: https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Request splitting via HTTP/2 method injection and mod_proxy"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
},
{
"cve": "CVE-2021-36160",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005124"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36160"
},
{
"category": "external",
"summary": "RHBZ#2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path"
},
{
"cve": "CVE-2021-39275",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005119"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No httpd module in Red Hat Enterprise Linux and Red Hat Software Collections pass untrusted data to ap_escape_quotes function, thus the Impact of the flaw has been set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39275"
},
{
"category": "external",
"summary": "RHBZ#2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input"
},
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2021-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034672"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a null pointer dereference and server-side request forgery flaw in httpd\u0027s mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: possible NULL dereference or SSRF in forward proxy configurations",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect httpd configurations that do not use forward proxy functionality (configurations where ProxyRequests is turned off).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "RHBZ#2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"category": "external",
"summary": "http://httpd.apache.org/security/vulnerabilities_24.html",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: possible NULL dereference or SSRF in forward proxy configurations"
},
{
"cve": "CVE-2022-22719",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064322"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Use of uninitialized value of in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22719"
},
{
"category": "external",
"summary": "RHBZ#2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: Use of uninitialized value of in r:parsebody"
},
{
"cve": "CVE-2022-22721",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default configuration of the LimitXMLRequestBody option on RHEL is 1MB and therefore is not vulnerable to this flaw. Also, this issue is known to only affect 32bit httpd builds.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22721"
},
{
"category": "external",
"summary": "RHBZ#2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Set the LimitXMLRequestBody option to a value smaller than 350MB. Setting it to 0 is not recommended as it will use a hard limit (depending on 32bit or 64bit systems) which may result in an overall system out-of-memory. The default configuration is not vulnerable to this flaw, see the statement above.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody"
},
{
"cve": "CVE-2022-23943",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064319"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: Read/write beyond bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The `mod_sed` module is disabled by default on Red Hat Enterprise Linux 7 and 8. For this reason, the flaw has been rated as having a security impact of Moderate. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the `mod_sed` module is available only in httpd 2.3 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23943"
},
{
"category": "external",
"summary": "RHBZ#2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: Read/write beyond bounds"
},
{
"cve": "CVE-2022-26377",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2094997"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ajp: Possible request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "RHBZ#2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_proxy_ajp and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_ajp: Possible request smuggling"
},
{
"cve": "CVE-2022-28614",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095002"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read via ap_rwrite()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "RHBZ#2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read via ap_rwrite()"
},
{
"cve": "CVE-2022-28615",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095006"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read in ap_strcmp_match()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to upstream, no code distributed with the httpd server can exploit this flaw, however, third-party modules or Lua scripts that use the ap_strcmp_match function could potentially be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "RHBZ#2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read in ap_strcmp_match()"
},
{
"cve": "CVE-2022-29404",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: DoS in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "RHBZ#2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: DoS in r:parsebody"
},
{
"cve": "CVE-2022-30522",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: DoS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The mod_sed module is disabled by default on Red Hat Enterprise Linux 7 and 8. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the mod_sed module is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "RHBZ#2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: DoS vulnerability"
},
{
"cve": "CVE-2022-30556",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Information disclosure with websockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua. Red Hat Enterprise Linux 7 is not affected by this flaw because the wsread function is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "RHBZ#2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_lua: Information disclosure with websockets"
},
{
"cve": "CVE-2022-31813",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "RHBZ#2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism"
}
]
}
RHSA-2022:7647
Vulnerability from csaf_redhat - Published: 2022-11-08 09:35 - Updated: 2026-03-23 00:45Summary
Red Hat Security Advisory: httpd:2.4 security update
Severity
Moderate
Notes
Topic: An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)
* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)
* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)
* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)
* httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)
* httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.
7.4 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.
8.1 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.
6.5 (Medium)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.
5.3 (Medium)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
Threats
Impact
Low
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.
7.4 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.
7.3 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
64 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)\n\n* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)\n\n* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)\n\n* httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7647",
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"category": "external",
"summary": "2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7647.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security update",
"tracking": {
"current_release_date": "2026-03-23T00:45:07+00:00",
"generator": {
"date": "2026-03-23T00:45:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2022:7647",
"initial_release_date": "2022-11-08T09:35:12+00:00",
"revision_history": [
{
"date": "2022-11-08T09:35:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-08T09:35:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-23T00:45:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src (httpd:2.4)",
"product_id": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=src\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=src\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"product": {
"name": "httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch (httpd:2.4)",
"product_id": "httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=noarch\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"product": {
"name": "httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch (httpd:2.4)",
"product_id": "httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=noarch\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-51.module%2Bel8.7.0%2B16050%2B02173b8e?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8070020220725152258:3b9f49c4"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4"
},
"product_reference": "httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4"
},
"product_reference": "httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.7.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22719",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064322"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Use of uninitialized value of in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22719"
},
{
"category": "external",
"summary": "RHBZ#2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: Use of uninitialized value of in r:parsebody"
},
{
"cve": "CVE-2022-22721",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default configuration of the LimitXMLRequestBody option on RHEL is 1MB and therefore is not vulnerable to this flaw. Also, this issue is known to only affect 32bit httpd builds.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22721"
},
{
"category": "external",
"summary": "RHBZ#2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Set the LimitXMLRequestBody option to a value smaller than 350MB. Setting it to 0 is not recommended as it will use a hard limit (depending on 32bit or 64bit systems) which may result in an overall system out-of-memory. The default configuration is not vulnerable to this flaw, see the statement above.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody"
},
{
"cve": "CVE-2022-23943",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064319"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: Read/write beyond bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The `mod_sed` module is disabled by default on Red Hat Enterprise Linux 7 and 8. For this reason, the flaw has been rated as having a security impact of Moderate. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the `mod_sed` module is available only in httpd 2.3 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23943"
},
{
"category": "external",
"summary": "RHBZ#2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: Read/write beyond bounds"
},
{
"cve": "CVE-2022-26377",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2094997"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ajp: Possible request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "RHBZ#2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_proxy_ajp and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_ajp: Possible request smuggling"
},
{
"cve": "CVE-2022-28614",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095002"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read via ap_rwrite()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "RHBZ#2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read via ap_rwrite()"
},
{
"cve": "CVE-2022-28615",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095006"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read in ap_strcmp_match()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to upstream, no code distributed with the httpd server can exploit this flaw, however, third-party modules or Lua scripts that use the ap_strcmp_match function could potentially be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "RHBZ#2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read in ap_strcmp_match()"
},
{
"cve": "CVE-2022-29404",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: DoS in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "RHBZ#2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: DoS in r:parsebody"
},
{
"cve": "CVE-2022-30522",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: DoS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The mod_sed module is disabled by default on Red Hat Enterprise Linux 7 and 8. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the mod_sed module is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "RHBZ#2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: DoS vulnerability"
},
{
"cve": "CVE-2022-30556",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Information disclosure with websockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua. Red Hat Enterprise Linux 7 is not affected by this flaw because the wsread function is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "RHBZ#2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_lua: Information disclosure with websockets"
},
{
"cve": "CVE-2022-31813",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "RHBZ#2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-08T09:35:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7647"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.src::httpd:2.4",
"AppStream-8.7.0.GA:httpd-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-debugsource-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-devel-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-filesystem-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-manual-0:2.4.37-51.module+el8.7.0+16050+02173b8e.noarch::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:httpd-tools-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ldap-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_proxy_html-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_session-debuginfo-0:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.aarch64::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.ppc64le::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.s390x::httpd:2.4",
"AppStream-8.7.0.GA:mod_ssl-debuginfo-1:2.4.37-51.module+el8.7.0+16050+02173b8e.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism"
}
]
}
RHSA-2022:8067
Vulnerability from csaf_redhat - Published: 2022-11-15 09:58 - Updated: 2026-03-23 00:45Summary
Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Severity
Moderate
Notes
Topic: An update for httpd is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
The following packages have been upgraded to a later upstream version: httpd (2.4.53). (BZ#2079939)
Security Fix(es):
* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)
* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)
* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)
* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)
* httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)
* httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.
7.4 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.
8.1 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.
6.5 (Medium)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.
5.3 (Medium)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.
7.4 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.
7.5 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.
7.5 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.
7.5 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.
7.3 (High)
Affected products
Fixed
75 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
68 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nThe following packages have been upgraded to a later upstream version: httpd (2.4.53). (BZ#2079939)\n\nSecurity Fix(es):\n\n* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)\n\n* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)\n\n* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)\n\n* httpd: Out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: Out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8067",
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"category": "external",
"summary": "2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "2073459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073459"
},
{
"category": "external",
"summary": "2075406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075406"
},
{
"category": "external",
"summary": "2079939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079939"
},
{
"category": "external",
"summary": "2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "external",
"summary": "2095838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095838"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8067.json"
}
],
"title": "Red Hat Security Advisory: httpd security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-03-23T00:45:09+00:00",
"generator": {
"date": "2026-03-23T00:45:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2022:8067",
"initial_release_date": "2022-11-15T09:58:32+00:00",
"revision_history": [
{
"date": "2022-11-15T09:58:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-15T09:58:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-23T00:45:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-7.el9.src",
"product": {
"name": "httpd-0:2.4.53-7.el9.src",
"product_id": "httpd-0:2.4.53-7.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-7.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-core-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-core-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-devel-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-devel-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-tools-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-tools-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_ldap-0:2.4.53-7.el9.aarch64",
"product_id": "mod_ldap-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_lua-0:2.4.53-7.el9.aarch64",
"product_id": "mod_lua-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.53-7.el9.aarch64",
"product_id": "mod_proxy_html-1:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_session-0:2.4.53-7.el9.aarch64",
"product_id": "mod_session-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_ssl-1:2.4.53-7.el9.aarch64",
"product_id": "mod_ssl-1:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-debugsource-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-core-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-core-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-devel-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-tools-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_ldap-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_lua-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_lua-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"product_id": "mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_session-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_session-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.53-7.el9.ppc64le",
"product_id": "mod_ssl-1:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-core-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-core-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-devel-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-devel-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-tools-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-tools-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_ldap-0:2.4.53-7.el9.x86_64",
"product_id": "mod_ldap-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_lua-0:2.4.53-7.el9.x86_64",
"product_id": "mod_lua-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.53-7.el9.x86_64",
"product_id": "mod_proxy_html-1:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_session-0:2.4.53-7.el9.x86_64",
"product_id": "mod_session-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_ssl-1:2.4.53-7.el9.x86_64",
"product_id": "mod_ssl-1:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-debugsource-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-0:2.4.53-7.el9.s390x",
"product_id": "httpd-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-core-0:2.4.53-7.el9.s390x",
"product_id": "httpd-core-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-devel-0:2.4.53-7.el9.s390x",
"product_id": "httpd-devel-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-tools-0:2.4.53-7.el9.s390x",
"product_id": "httpd-tools-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_ldap-0:2.4.53-7.el9.s390x",
"product_id": "mod_ldap-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_lua-0:2.4.53-7.el9.s390x",
"product_id": "mod_lua-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.53-7.el9.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.53-7.el9.s390x",
"product_id": "mod_proxy_html-1:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.53-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_session-0:2.4.53-7.el9.s390x",
"product_id": "mod_session-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.53-7.el9.s390x",
"product": {
"name": "mod_ssl-1:2.4.53-7.el9.s390x",
"product_id": "mod_ssl-1:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.53-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.53-7.el9.s390x",
"product_id": "httpd-debugsource-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-core-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "httpd-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_lua-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.53-7.el9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"product_id": "mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.53-7.el9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.53-7.el9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.53-7.el9.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.53-7.el9.noarch",
"product_id": "httpd-filesystem-0:2.4.53-7.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.53-7.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.53-7.el9.noarch",
"product": {
"name": "httpd-manual-0:2.4.53-7.el9.noarch",
"product_id": "httpd-manual-0:2.4.53-7.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.53-7.el9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-7.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src"
},
"product_reference": "httpd-0:2.4.53-7.el9.src",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-core-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-core-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-core-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-core-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-core-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-devel-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-devel-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-devel-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.53-7.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.53-7.el9.noarch",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.53-7.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch"
},
"product_reference": "httpd-manual-0:2.4.53-7.el9.noarch",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-tools-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-tools-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-tools-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_ldap-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_ldap-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_ldap-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_lua-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_lua-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_lua-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_lua-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_lua-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_session-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_session-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_session-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_session-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_ssl-1:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x"
},
"product_reference": "mod_ssl-1:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_ssl-1:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"relates_to_product_reference": "AppStream-9.1.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64",
"relates_to_product_reference": "AppStream-9.1.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-22719",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064322"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Use of uninitialized value of in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22719"
},
{
"category": "external",
"summary": "RHBZ#2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: Use of uninitialized value of in r:parsebody"
},
{
"cve": "CVE-2022-22721",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default configuration of the LimitXMLRequestBody option on RHEL is 1MB and therefore is not vulnerable to this flaw. Also, this issue is known to only affect 32bit httpd builds.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22721"
},
{
"category": "external",
"summary": "RHBZ#2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Set the LimitXMLRequestBody option to a value smaller than 350MB. Setting it to 0 is not recommended as it will use a hard limit (depending on 32bit or 64bit systems) which may result in an overall system out-of-memory. The default configuration is not vulnerable to this flaw, see the statement above.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody"
},
{
"cve": "CVE-2022-23943",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064319"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: Read/write beyond bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The `mod_sed` module is disabled by default on Red Hat Enterprise Linux 7 and 8. For this reason, the flaw has been rated as having a security impact of Moderate. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the `mod_sed` module is available only in httpd 2.3 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23943"
},
{
"category": "external",
"summary": "RHBZ#2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: Read/write beyond bounds"
},
{
"cve": "CVE-2022-26377",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2094997"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ajp: Possible request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "RHBZ#2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_proxy_ajp and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_ajp: Possible request smuggling"
},
{
"cve": "CVE-2022-28614",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095002"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read via ap_rwrite()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "RHBZ#2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read via ap_rwrite()"
},
{
"cve": "CVE-2022-28615",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095006"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read in ap_strcmp_match()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to upstream, no code distributed with the httpd server can exploit this flaw, however, third-party modules or Lua scripts that use the ap_strcmp_match function could potentially be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "RHBZ#2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read in ap_strcmp_match()"
},
{
"cve": "CVE-2022-29404",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: DoS in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "RHBZ#2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: DoS in r:parsebody"
},
{
"cve": "CVE-2022-30522",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: DoS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The mod_sed module is disabled by default on Red Hat Enterprise Linux 7 and 8. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the mod_sed module is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "RHBZ#2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: DoS vulnerability"
},
{
"cve": "CVE-2022-30556",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Information disclosure with websockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua. Red Hat Enterprise Linux 7 is not affected by this flaw because the wsread function is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "RHBZ#2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_lua: Information disclosure with websockets"
},
{
"cve": "CVE-2022-31813",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "RHBZ#2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-15T09:58:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8067"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.src",
"AppStream-9.1.0.GA:httpd-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-core-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-debugsource-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-devel-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-filesystem-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-manual-0:2.4.53-7.el9.noarch",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:httpd-tools-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ldap-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_lua-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_proxy_html-debuginfo-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_session-debuginfo-0:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-1:2.4.53-7.el9.x86_64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.aarch64",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.ppc64le",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.s390x",
"AppStream-9.1.0.GA:mod_ssl-debuginfo-1:2.4.53-7.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism"
}
]
}
SUSE-SU-2022:2099-1
Vulnerability from csaf_suse - Published: 2022-06-16 12:46 - Updated: 2022-06-16 12:46Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)
- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)
- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)
- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)
Patchnames: HPE-Helion-OpenStack-8-2022-2099,SUSE-2022-2099,SUSE-OpenStack-Cloud-8-2022-2099,SUSE-OpenStack-Cloud-9-2022-2099,SUSE-OpenStack-Cloud-Crowbar-8-2022-2099,SUSE-OpenStack-Cloud-Crowbar-9-2022-2099,SUSE-SLE-SAP-12-SP3-2022-2099,SUSE-SLE-SAP-12-SP4-2022-2099,SUSE-SLE-SERVER-12-SP2-BCL-2022-2099,SUSE-SLE-SERVER-12-SP3-2022-2099,SUSE-SLE-SERVER-12-SP3-BCL-2022-2099,SUSE-SLE-SERVER-12-SP4-LTSS-2022-2099
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
106 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
34 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)\n- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)\n- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)\n- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)\n- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)\n- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)\n- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2022-2099,SUSE-2022-2099,SUSE-OpenStack-Cloud-8-2022-2099,SUSE-OpenStack-Cloud-9-2022-2099,SUSE-OpenStack-Cloud-Crowbar-8-2022-2099,SUSE-OpenStack-Cloud-Crowbar-9-2022-2099,SUSE-SLE-SAP-12-SP3-2022-2099,SUSE-SLE-SAP-12-SP4-2022-2099,SUSE-SLE-SERVER-12-SP2-BCL-2022-2099,SUSE-SLE-SERVER-12-SP3-2022-2099,SUSE-SLE-SERVER-12-SP3-BCL-2022-2099,SUSE-SLE-SERVER-12-SP4-LTSS-2022-2099",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2099-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2099-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222099-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2099-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011297.html"
},
{
"category": "self",
"summary": "SUSE Bug 1200338",
"url": "https://bugzilla.suse.com/1200338"
},
{
"category": "self",
"summary": "SUSE Bug 1200340",
"url": "https://bugzilla.suse.com/1200340"
},
{
"category": "self",
"summary": "SUSE Bug 1200341",
"url": "https://bugzilla.suse.com/1200341"
},
{
"category": "self",
"summary": "SUSE Bug 1200345",
"url": "https://bugzilla.suse.com/1200345"
},
{
"category": "self",
"summary": "SUSE Bug 1200348",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "self",
"summary": "SUSE Bug 1200350",
"url": "https://bugzilla.suse.com/1200350"
},
{
"category": "self",
"summary": "SUSE Bug 1200352",
"url": "https://bugzilla.suse.com/1200352"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26377 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28614 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28615 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30522 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30556 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31813 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31813/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2022-06-16T12:46:49Z",
"generator": {
"date": "2022-06-16T12:46:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2099-1",
"initial_release_date": "2022-06-16T12:46:49Z",
"revision_history": [
{
"date": "2022-06-16T12:46:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-2.4.23-29.91.1.aarch64",
"product_id": "apache2-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.aarch64",
"product_id": "apache2-devel-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-event-2.4.23-29.91.1.aarch64",
"product_id": "apache2-event-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.aarch64",
"product_id": "apache2-example-pages-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.aarch64",
"product_id": "apache2-prefork-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.aarch64",
"product_id": "apache2-utils-2.4.23-29.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.aarch64",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.aarch64",
"product_id": "apache2-worker-2.4.23-29.91.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-2.4.23-29.91.1.i586",
"product_id": "apache2-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.i586",
"product_id": "apache2-devel-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-event-2.4.23-29.91.1.i586",
"product_id": "apache2-event-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.i586",
"product_id": "apache2-example-pages-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.i586",
"product_id": "apache2-prefork-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.i586",
"product_id": "apache2-utils-2.4.23-29.91.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.i586",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.i586",
"product_id": "apache2-worker-2.4.23-29.91.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.23-29.91.1.noarch",
"product": {
"name": "apache2-doc-2.4.23-29.91.1.noarch",
"product_id": "apache2-doc-2.4.23-29.91.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-devel-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-event-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-event-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-example-pages-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-prefork-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-utils-2.4.23-29.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.ppc64le",
"product_id": "apache2-worker-2.4.23-29.91.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-2.4.23-29.91.1.s390",
"product_id": "apache2-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.s390",
"product_id": "apache2-devel-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-event-2.4.23-29.91.1.s390",
"product_id": "apache2-event-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.s390",
"product_id": "apache2-example-pages-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.s390",
"product_id": "apache2-prefork-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.s390",
"product_id": "apache2-utils-2.4.23-29.91.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.s390",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.s390",
"product_id": "apache2-worker-2.4.23-29.91.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-2.4.23-29.91.1.s390x",
"product_id": "apache2-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.s390x",
"product_id": "apache2-devel-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-event-2.4.23-29.91.1.s390x",
"product_id": "apache2-event-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.s390x",
"product_id": "apache2-example-pages-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.s390x",
"product_id": "apache2-prefork-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.s390x",
"product_id": "apache2-utils-2.4.23-29.91.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.s390x",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.s390x",
"product_id": "apache2-worker-2.4.23-29.91.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-2.4.23-29.91.1.x86_64",
"product_id": "apache2-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"product_id": "apache2-example-pages-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64",
"product_id": "apache2-prefork-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64",
"product_id": "apache2-utils-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64",
"product_id": "apache2-worker-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-devel-2.4.23-29.91.1.x86_64",
"product_id": "apache2-devel-2.4.23-29.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.23-29.91.1.x86_64",
"product": {
"name": "apache2-event-2.4.23-29.91.1.x86_64",
"product_id": "apache2-event-2.4.23-29.91.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-29.91.1.noarch as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-29.91.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-29.91.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-29.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-26377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26377"
}
],
"notes": [
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26377",
"url": "https://www.suse.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "SUSE Bug 1200338 for CVE-2022-26377",
"url": "https://bugzilla.suse.com/1200338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "important"
}
],
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28614"
}
],
"notes": [
{
"category": "general",
"text": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the \u0027ap_rputs\u0027 function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28614",
"url": "https://www.suse.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "SUSE Bug 1200340 for CVE-2022-28614",
"url": "https://bugzilla.suse.com/1200340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28615"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28615",
"url": "https://www.suse.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "SUSE Bug 1200341 for CVE-2022-28615",
"url": "https://bugzilla.suse.com/1200341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "important"
}
],
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29404"
}
],
"notes": [
{
"category": "general",
"text": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29404",
"url": "https://www.suse.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "SUSE Bug 1200345 for CVE-2022-29404",
"url": "https://bugzilla.suse.com/1200345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30522"
}
],
"notes": [
{
"category": "general",
"text": "If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30522",
"url": "https://www.suse.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "SUSE Bug 1200352 for CVE-2022-30522",
"url": "https://bugzilla.suse.com/1200352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30556"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30556",
"url": "https://www.suse.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "SUSE Bug 1200350 for CVE-2022-30556",
"url": "https://bugzilla.suse.com/1200350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31813"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31813",
"url": "https://www.suse.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "SUSE Bug 1200348 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "external",
"summary": "SUSE Bug 1219585 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1219585"
},
{
"category": "external",
"summary": "SUSE Bug 1225670 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1225670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:apache2-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-doc-2.4.23-29.91.1.noarch",
"HPE Helion OpenStack 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-utils-2.4.23-29.91.1.x86_64",
"HPE Helion OpenStack 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud 9:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:apache2-worker-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-doc-2.4.23-29.91.1.noarch",
"SUSE OpenStack Cloud Crowbar 9:apache2-example-pages-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-prefork-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-utils-2.4.23-29.91.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:apache2-worker-2.4.23-29.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:46:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-31813"
}
]
}
SUSE-SU-2022:2101-1
Vulnerability from csaf_suse - Published: 2022-06-16 12:47 - Updated: 2022-06-16 12:47Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)
- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)
- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)
- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)
Patchnames: SUSE-2022-2101,SUSE-SLE-SDK-12-SP5-2022-2101,SUSE-SLE-SERVER-12-SP5-2022-2101
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
34 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)\n- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)\n- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)\n- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)\n- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)\n- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)\n- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2101,SUSE-SLE-SDK-12-SP5-2022-2101,SUSE-SLE-SERVER-12-SP5-2022-2101",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2101-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2101-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222101-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2101-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011298.html"
},
{
"category": "self",
"summary": "SUSE Bug 1200338",
"url": "https://bugzilla.suse.com/1200338"
},
{
"category": "self",
"summary": "SUSE Bug 1200340",
"url": "https://bugzilla.suse.com/1200340"
},
{
"category": "self",
"summary": "SUSE Bug 1200341",
"url": "https://bugzilla.suse.com/1200341"
},
{
"category": "self",
"summary": "SUSE Bug 1200345",
"url": "https://bugzilla.suse.com/1200345"
},
{
"category": "self",
"summary": "SUSE Bug 1200348",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "self",
"summary": "SUSE Bug 1200350",
"url": "https://bugzilla.suse.com/1200350"
},
{
"category": "self",
"summary": "SUSE Bug 1200352",
"url": "https://bugzilla.suse.com/1200352"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26377 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28614 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28615 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30522 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30556 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31813 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31813/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2022-06-16T12:47:15Z",
"generator": {
"date": "2022-06-16T12:47:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2101-1",
"initial_release_date": "2022-06-16T12:47:15Z",
"revision_history": [
{
"date": "2022-06-16T12:47:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-2.4.51-35.19.1.aarch64",
"product_id": "apache2-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.aarch64",
"product_id": "apache2-devel-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-event-2.4.51-35.19.1.aarch64",
"product_id": "apache2-event-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.aarch64",
"product_id": "apache2-example-pages-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.aarch64",
"product_id": "apache2-prefork-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.aarch64",
"product_id": "apache2-utils-2.4.51-35.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.aarch64",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.aarch64",
"product_id": "apache2-worker-2.4.51-35.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-2.4.51-35.19.1.i586",
"product_id": "apache2-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.i586",
"product_id": "apache2-devel-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-event-2.4.51-35.19.1.i586",
"product_id": "apache2-event-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.i586",
"product_id": "apache2-example-pages-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.i586",
"product_id": "apache2-prefork-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.i586",
"product_id": "apache2-utils-2.4.51-35.19.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.i586",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.i586",
"product_id": "apache2-worker-2.4.51-35.19.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.51-35.19.1.noarch",
"product": {
"name": "apache2-doc-2.4.51-35.19.1.noarch",
"product_id": "apache2-doc-2.4.51-35.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-devel-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-event-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-event-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-example-pages-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-prefork-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-utils-2.4.51-35.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.ppc64le",
"product_id": "apache2-worker-2.4.51-35.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-2.4.51-35.19.1.s390",
"product_id": "apache2-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.s390",
"product_id": "apache2-devel-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-event-2.4.51-35.19.1.s390",
"product_id": "apache2-event-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.s390",
"product_id": "apache2-example-pages-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.s390",
"product_id": "apache2-prefork-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.s390",
"product_id": "apache2-utils-2.4.51-35.19.1.s390"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.s390",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.s390",
"product_id": "apache2-worker-2.4.51-35.19.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-2.4.51-35.19.1.s390x",
"product_id": "apache2-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.s390x",
"product_id": "apache2-devel-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-event-2.4.51-35.19.1.s390x",
"product_id": "apache2-event-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.s390x",
"product_id": "apache2-example-pages-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.s390x",
"product_id": "apache2-prefork-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.s390x",
"product_id": "apache2-utils-2.4.51-35.19.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.s390x",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.s390x",
"product_id": "apache2-worker-2.4.51-35.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-2.4.51-35.19.1.x86_64",
"product_id": "apache2-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-devel-2.4.51-35.19.1.x86_64",
"product_id": "apache2-devel-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-event-2.4.51-35.19.1.x86_64",
"product_id": "apache2-event-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.51-35.19.1.x86_64",
"product_id": "apache2-example-pages-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.51-35.19.1.x86_64",
"product_id": "apache2-prefork-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-utils-2.4.51-35.19.1.x86_64",
"product_id": "apache2-utils-2.4.51-35.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-35.19.1.x86_64",
"product": {
"name": "apache2-worker-2.4.51-35.19.1.x86_64",
"product_id": "apache2-worker-2.4.51-35.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-devel-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-devel-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-devel-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-35.19.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-35.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-35.19.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-35.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-35.19.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-35.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-26377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26377"
}
],
"notes": [
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26377",
"url": "https://www.suse.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "SUSE Bug 1200338 for CVE-2022-26377",
"url": "https://bugzilla.suse.com/1200338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "important"
}
],
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28614"
}
],
"notes": [
{
"category": "general",
"text": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the \u0027ap_rputs\u0027 function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28614",
"url": "https://www.suse.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "SUSE Bug 1200340 for CVE-2022-28614",
"url": "https://bugzilla.suse.com/1200340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28615"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28615",
"url": "https://www.suse.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "SUSE Bug 1200341 for CVE-2022-28615",
"url": "https://bugzilla.suse.com/1200341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "important"
}
],
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29404"
}
],
"notes": [
{
"category": "general",
"text": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29404",
"url": "https://www.suse.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "SUSE Bug 1200345 for CVE-2022-29404",
"url": "https://bugzilla.suse.com/1200345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30522"
}
],
"notes": [
{
"category": "general",
"text": "If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30522",
"url": "https://www.suse.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "SUSE Bug 1200352 for CVE-2022-30522",
"url": "https://bugzilla.suse.com/1200352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30556"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30556",
"url": "https://www.suse.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "SUSE Bug 1200350 for CVE-2022-30556",
"url": "https://bugzilla.suse.com/1200350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31813"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31813",
"url": "https://www.suse.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "SUSE Bug 1200348 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "external",
"summary": "SUSE Bug 1219585 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1219585"
},
{
"category": "external",
"summary": "SUSE Bug 1225670 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1225670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-doc-2.4.51-35.19.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-example-pages-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-prefork-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-utils-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:apache2-worker-2.4.51-35.19.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:apache2-devel-2.4.51-35.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-16T12:47:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-31813"
}
]
}
SUSE-SU-2022:2302-1
Vulnerability from csaf_suse - Published: 2022-07-06 11:37 - Updated: 2022-07-06 11:37Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)
- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)
- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)
- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)
Patchnames: SUSE-2022-2302,SUSE-SLE-Module-Basesystem-15-SP4-2022-2302,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2302,SUSE-SLE-Module-Server-Applications-15-SP4-2022-2302,openSUSE-SLE-15.4-2022-2302
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
54 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n - CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)\n - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)\n - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)\n - CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)\n - CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)\n - CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)\n - CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-2302,SUSE-SLE-Module-Basesystem-15-SP4-2022-2302,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2302,SUSE-SLE-Module-Server-Applications-15-SP4-2022-2302,openSUSE-SLE-15.4-2022-2302",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2302-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:2302-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222302-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:2302-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011423.html"
},
{
"category": "self",
"summary": "SUSE Bug 1198913",
"url": "https://bugzilla.suse.com/1198913"
},
{
"category": "self",
"summary": "SUSE Bug 1200338",
"url": "https://bugzilla.suse.com/1200338"
},
{
"category": "self",
"summary": "SUSE Bug 1200340",
"url": "https://bugzilla.suse.com/1200340"
},
{
"category": "self",
"summary": "SUSE Bug 1200341",
"url": "https://bugzilla.suse.com/1200341"
},
{
"category": "self",
"summary": "SUSE Bug 1200345",
"url": "https://bugzilla.suse.com/1200345"
},
{
"category": "self",
"summary": "SUSE Bug 1200348",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "self",
"summary": "SUSE Bug 1200350",
"url": "https://bugzilla.suse.com/1200350"
},
{
"category": "self",
"summary": "SUSE Bug 1200352",
"url": "https://bugzilla.suse.com/1200352"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-26377 page",
"url": "https://www.suse.com/security/cve/CVE-2022-26377/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28614 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28615 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29404 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30522 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30522/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30556 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31813 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31813/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2022-07-06T11:37:36Z",
"generator": {
"date": "2022-07-06T11:37:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:2302-1",
"initial_release_date": "2022-07-06T11:37:36Z",
"revision_history": [
{
"date": "2022-07-06T11:37:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-devel-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-devel-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-event-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-event-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-example-pages-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-prefork-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-utils-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-utils-2.4.51-150400.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-150400.6.3.1.aarch64",
"product": {
"name": "apache2-worker-2.4.51-150400.6.3.1.aarch64",
"product_id": "apache2-worker-2.4.51-150400.6.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-devel-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-devel-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-event-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-event-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-example-pages-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-prefork-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-utils-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-utils-2.4.51-150400.6.3.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-150400.6.3.1.i586",
"product": {
"name": "apache2-worker-2.4.51-150400.6.3.1.i586",
"product_id": "apache2-worker-2.4.51-150400.6.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.51-150400.6.3.1.noarch",
"product": {
"name": "apache2-doc-2.4.51-150400.6.3.1.noarch",
"product_id": "apache2-doc-2.4.51-150400.6.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-devel-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-event-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-event-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-example-pages-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-utils-2.4.51-150400.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"product_id": "apache2-worker-2.4.51-150400.6.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-devel-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-devel-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-event-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-event-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-example-pages-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-prefork-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-utils-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-utils-2.4.51-150400.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-150400.6.3.1.s390x",
"product": {
"name": "apache2-worker-2.4.51-150400.6.3.1.s390x",
"product_id": "apache2-worker-2.4.51-150400.6.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-devel-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-devel-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-event-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-event-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-example-pages-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-prefork-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-utils-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-utils-2.4.51-150400.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-150400.6.3.1.x86_64",
"product": {
"name": "apache2-worker-2.4.51-150400.6.3.1.x86_64",
"product_id": "apache2-worker-2.4.51-150400.6.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-150400.6.3.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-150400.6.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-devel-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-150400.6.3.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-150400.6.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-event-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-150400.6.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-150400.6.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-26377",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-26377"
}
],
"notes": [
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027) vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-26377",
"url": "https://www.suse.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "SUSE Bug 1200338 for CVE-2022-26377",
"url": "https://bugzilla.suse.com/1200338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "important"
}
],
"title": "CVE-2022-26377"
},
{
"cve": "CVE-2022-28614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28614"
}
],
"notes": [
{
"category": "general",
"text": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the \u0027ap_rputs\u0027 function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28614",
"url": "https://www.suse.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "SUSE Bug 1200340 for CVE-2022-28614",
"url": "https://bugzilla.suse.com/1200340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "moderate"
}
],
"title": "CVE-2022-28614"
},
{
"cve": "CVE-2022-28615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28615"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28615",
"url": "https://www.suse.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "SUSE Bug 1200341 for CVE-2022-28615",
"url": "https://bugzilla.suse.com/1200341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "important"
}
],
"title": "CVE-2022-28615"
},
{
"cve": "CVE-2022-29404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29404"
}
],
"notes": [
{
"category": "general",
"text": "In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29404",
"url": "https://www.suse.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "SUSE Bug 1200345 for CVE-2022-29404",
"url": "https://bugzilla.suse.com/1200345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "moderate"
}
],
"title": "CVE-2022-29404"
},
{
"cve": "CVE-2022-30522",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30522"
}
],
"notes": [
{
"category": "general",
"text": "If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30522",
"url": "https://www.suse.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "SUSE Bug 1200352 for CVE-2022-30522",
"url": "https://bugzilla.suse.com/1200352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "moderate"
}
],
"title": "CVE-2022-30522"
},
{
"cve": "CVE-2022-30556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30556"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30556",
"url": "https://www.suse.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "SUSE Bug 1200350 for CVE-2022-30556",
"url": "https://bugzilla.suse.com/1200350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "moderate"
}
],
"title": "CVE-2022-30556"
},
{
"cve": "CVE-2022-31813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31813"
}
],
"notes": [
{
"category": "general",
"text": "Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31813",
"url": "https://www.suse.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "SUSE Bug 1200348 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1200348"
},
{
"category": "external",
"summary": "SUSE Bug 1219585 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1219585"
},
{
"category": "external",
"summary": "SUSE Bug 1225670 for CVE-2022-31813",
"url": "https://bugzilla.suse.com/1225670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:apache2-worker-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-devel-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-doc-2.4.51-150400.6.3.1.noarch",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-event-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-example-pages-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-prefork-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-utils-2.4.51-150400.6.3.1.x86_64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.aarch64",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.ppc64le",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.s390x",
"openSUSE Leap 15.4:apache2-worker-2.4.51-150400.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-07-06T11:37:36Z",
"details": "moderate"
}
],
"title": "CVE-2022-31813"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…