Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-44224 (GCVE-0-2021-44224)
Vulnerability from cvelistv5 – Published: 2021-12-20 11:20 – Updated: 2024-08-04 04:17
VLAI
EPSS
Title
Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
Summary
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
Severity
No CVSS data available.
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
19 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Affected:
2.4.7 , < Apache HTTP Server 2.4*
(custom)
|
Credits
漂亮鼠
TengMA(@Te3t123)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:17:24.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"name": "FEDORA-2021-29a536c2ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"name": "DSA-5035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"name": "FEDORA-2022-b4103753e9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"name": "FEDORA-2022-21264ec6db",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"name": "FEDORA-2022-78e3211c55",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "Apache HTTP Server 2.4*",
"status": "affected",
"version": "2.4.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "\u6f02\u4eae\u9f20"
},
{
"lang": "en",
"value": "TengMA(@Te3t123)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included)."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-14T01:08:09.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"name": "FEDORA-2021-29a536c2ae",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"name": "DSA-5035",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"name": "FEDORA-2022-b4103753e9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"name": "FEDORA-2022-21264ec6db",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"name": "FEDORA-2022-78e3211c55",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-18T00:00:00.000Z",
"value": "Reported to security team"
},
{
"lang": "en",
"time": "2021-12-14T00:00:00.000Z",
"value": "fixed by r1895955+r1896044 in 2.4.x"
}
],
"title": "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44224",
"STATE": "PUBLIC",
"TITLE": "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "Apache HTTP Server 2.4",
"version_value": "2.4.7"
},
{
"version_affected": "\u003c=",
"version_name": "Apache HTTP Server 2.4",
"version_value": "2.4.51 +1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "\u6f02\u4eae\u9f20"
},
{
"lang": "eng",
"value": "TengMA(@Te3t123)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"name": "FEDORA-2021-29a536c2ae",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"name": "DSA-5035",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211224-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"name": "https://www.tenable.com/security/tns-2022-01",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"name": "https://www.tenable.com/security/tns-2022-03",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"name": "FEDORA-2022-b4103753e9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"name": "FEDORA-2022-21264ec6db",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"name": "FEDORA-2022-78e3211c55",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://support.apple.com/kb/HT213257",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213257"
},
{
"name": "https://support.apple.com/kb/HT213256",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213256"
},
{
"name": "https://support.apple.com/kb/HT213255",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213255"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-18T00:00:00.000Z",
"value": "Reported to security team"
},
{
"lang": "en",
"time": "2021-12-14T00:00:00.000Z",
"value": "fixed by r1895955+r1896044 in 2.4.x"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-44224",
"datePublished": "2021-12-20T11:20:13.000Z",
"dateReserved": "2021-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:17:24.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-44224",
"date": "2026-06-07",
"epss": "0.0925",
"percentile": "0.92878"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-44224\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-12-20T12:15:07.393\",\"lastModified\":\"2024-11-21T06:30:37.133\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).\"},{\"lang\":\"es\",\"value\":\"Un URI dise\u00f1ado que es enviado a httpd configurado como proxy directo (ProxyRequests on) puede causar un fallo (desreferencia de puntero NULL) o, en el caso de configuraciones que mezclan declaraciones de proxy directo e inverso, puede permitir que las peticiones se dirijan a un endpoint de socket de dominio Unix declarado (Server Side Request Forgery). Este problema afecta a Apache HTTP Server versiones 2.4.7 hasta 2.4.51 (incluy\u00e9ndola)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.7\",\"versionEndExcluding\":\"2.4.52\",\"matchCriteriaId\":\"F280AFE0-EB05-4ABF-85A7-9518AD485C49\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.14.0\",\"versionEndExcluding\":\"5.20.0\",\"matchCriteriaId\":\"3304C5DC-0353-4AC8-884E-2154C9224BE9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16.0\",\"versionEndExcluding\":\"202201.1\",\"matchCriteriaId\":\"161BA9E6-265F-4245-8053-5734333322E5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0\",\"matchCriteriaId\":\"02712DD6-D944-4452-8015-000B9851D257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3517A27-E6EE-497C-9996-F78171BBE90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98BAEB2-A540-4E8A-A946-C4331B913AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8FBE260-E306-4215-80C0-D2D27CA43E0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0\",\"matchCriteriaId\":\"274BCA96-2E6A-4B77-B69E-E2093A668D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0\",\"matchCriteriaId\":\"8D4B738B-08CF-44F6-A939-39F5BEAF03B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E290BD43-5AB2-4641-B4AC-BC99FFBF7833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD04BEE5-E9A8-4584-A68C-0195CE9C402C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89161D20-EB9C-4EC0-8D82-75B27CE49264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F441A43-1669-478D-9EC8-E96882DE4F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"D425C653-37A2-448C-BF2F-B684ADB08A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*\",\"matchCriteriaId\":\"3456176F-9185-4EE2-A8CE-3D989D674AB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*\",\"matchCriteriaId\":\"D337EE21-2F00-484D-9285-F2B0248D7A19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\",\"matchCriteriaId\":\"012052B5-9AA7-4FD3-9C80-5F615330039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"50F21A3C-0AC3-48C5-A4F8-5A7B478875B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E974DC6-F7D9-4389-9AF9-863F6E419CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"156A6382-2BD3-4882-90B2-8E7CF6659E17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A2FDB2-6712-406A-9896-C0B44508B07D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"49F537A0-DC42-4176-B22F-C80D179DD99D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.15.7\",\"matchCriteriaId\":\"3BD2A211-4E62-40BF-9BA0-5239FA6F0AF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.6\",\"matchCriteriaId\":\"09A6345C-D813-43BA-B12E-789C80653F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.4\",\"matchCriteriaId\":\"56A8A170-44A7-4334-88B0-CB4413E28E53\"}]}]}],\"references\":[{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/20/3\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211224-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5035\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2022-01\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2022-03\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/12/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20211224-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5035\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2022-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2022-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Title
Apache HTTP Server代码问题漏洞
Description
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。
Apache HTTP Server中存在代码问题漏洞,该漏洞源于产品存在空指针引用错误。攻击者可通过该漏洞导致系统奔溃或服务端请求伪造。
Severity
中
Patch Name
Apache HTTP Server代码问题漏洞的补丁
Patch Description
Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点。
Apache HTTP Server中存在代码问题漏洞,该漏洞源于产品存在空指针引用错误。攻击者可通过该漏洞导致系统奔溃或服务端请求伪造。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://httpd.apache.org/download.cgi#apache24
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-44224
Impacted products
| Name | Apache HTTP Server >=2.4.7,<2.4.52 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2021-44224"
}
},
"description": "Apache HTTP Server\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90\u7f51\u9875\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u5177\u6709\u5feb\u901f\u3001\u53ef\u9760\u4e14\u53ef\u901a\u8fc7\u7b80\u5355\u7684API\u8fdb\u884c\u6269\u5145\u7684\u7279\u70b9\u3002\n\nApache HTTP Server\u4e2d\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4ea7\u54c1\u5b58\u5728\u7a7a\u6307\u9488\u5f15\u7528\u9519\u8bef\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u5954\u6e83\u6216\u670d\u52a1\u7aef\u8bf7\u6c42\u4f2a\u9020\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://httpd.apache.org/download.cgi#apache24",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-102387",
"openTime": "2021-12-24",
"patchDescription": "Apache HTTP Server\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u5f00\u6e90\u7f51\u9875\u670d\u52a1\u5668\u3002\u8be5\u670d\u52a1\u5668\u5177\u6709\u5feb\u901f\u3001\u53ef\u9760\u4e14\u53ef\u901a\u8fc7\u7b80\u5355\u7684API\u8fdb\u884c\u6269\u5145\u7684\u7279\u70b9\u3002\r\n\r\nApache HTTP Server\u4e2d\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4ea7\u54c1\u5b58\u5728\u7a7a\u6307\u9488\u5f15\u7528\u9519\u8bef\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u5954\u6e83\u6216\u670d\u52a1\u7aef\u8bf7\u6c42\u4f2a\u9020\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apache HTTP Server\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Apache HTTP Server \u003e=2.4.7\uff0c\u003c2.4.52"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"serverity": "\u4e2d",
"submitTime": "2021-12-24",
"title": "Apache HTTP Server\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}
FKIE_CVE-2021-44224
Vulnerability from fkie_nvd - Published: 2021-12-20 12:15 - Updated: 2024-11-21 06:30
Severity
Summary
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F280AFE0-EB05-4ABF-85A7-9518AD485C49",
"versionEndExcluding": "2.4.52",
"versionStartIncluding": "2.4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3304C5DC-0353-4AC8-884E-2154C9224BE9",
"versionEndExcluding": "5.20.0",
"versionStartIncluding": "5.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "161BA9E6-265F-4245-8053-5734333322E5",
"versionEndExcluding": "202201.1",
"versionStartIncluding": "5.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02712DD6-D944-4452-8015-000B9851D257",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3517A27-E6EE-497C-9996-F78171BBE90F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B98BAEB2-A540-4E8A-A946-C4331B913AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FBE260-E306-4215-80C0-D2D27CA43E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "274BCA96-2E6A-4B77-B69E-E2093A668D28",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4B738B-08CF-44F6-A939-39F5BEAF03B2",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E290BD43-5AB2-4641-B4AC-BC99FFBF7833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7F69B9A5-F21B-4904-9F27-95C0F7A628E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*",
"matchCriteriaId": "89161D20-EB9C-4EC0-8D82-75B27CE49264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
"matchCriteriaId": "3456176F-9185-4EE2-A8CE-3D989D674AB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
"matchCriteriaId": "D337EE21-2F00-484D-9285-F2B0248D7A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"matchCriteriaId": "8E974DC6-F7D9-4389-9AF9-863F6E419CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"matchCriteriaId": "156A6382-2BD3-4882-90B2-8E7CF6659E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"matchCriteriaId": "20A2FDB2-6712-406A-9896-C0B44508B07D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"matchCriteriaId": "49F537A0-DC42-4176-B22F-C80D179DD99D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD2A211-4E62-40BF-9BA0-5239FA6F0AF8",
"versionEndExcluding": "10.15.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09A6345C-D813-43BA-B12E-789C80653F86",
"versionEndExcluding": "11.6.6",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A8A170-44A7-4334-88B0-CB4413E28E53",
"versionEndExcluding": "12.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included)."
},
{
"lang": "es",
"value": "Un URI dise\u00f1ado que es enviado a httpd configurado como proxy directo (ProxyRequests on) puede causar un fallo (desreferencia de puntero NULL) o, en el caso de configuraciones que mezclan declaraciones de proxy directo e inverso, puede permitir que las peticiones se dirijan a un endpoint de socket de dominio Unix declarado (Server Side Request Forgery). Este problema afecta a Apache HTTP Server versiones 2.4.7 hasta 2.4.51 (incluy\u00e9ndola)"
}
],
"id": "CVE-2021-44224",
"lastModified": "2024-11-21T06:30:37.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-20T12:15:07.393",
"references": [
{
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"source": "security@apache.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-03"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-92WW-HWMG-QQ7P
Vulnerability from github – Published: 2022-02-08 00:00 – Updated: 2022-03-23 00:01
VLAI
Details
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
Severity
8.2 (High)
{
"affected": [],
"aliases": [
"CVE-2021-44224"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-20T12:15:00Z",
"severity": "HIGH"
},
"details": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"id": "GHSA-92ww-hwmg-qq7p",
"modified": "2022-03-23T00:01:08Z",
"published": "2022-02-08T00:00:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20211224-0001"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213255"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213256"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT213257"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"type": "WEB",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2021-44224
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-44224",
"description": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"id": "GSD-2021-44224",
"references": [
"https://www.suse.com/security/cve/CVE-2021-44224.html",
"https://www.debian.org/security/2022/dsa-5035",
"https://ubuntu.com/security/CVE-2021-44224",
"https://advisories.mageia.org/CVE-2021-44224.html",
"https://alas.aws.amazon.com/cve/html/CVE-2021-44224.html",
"https://linux.oracle.com/cve/CVE-2021-44224.html",
"https://access.redhat.com/errata/RHSA-2022:1915",
"https://access.redhat.com/errata/RHSA-2022:6753",
"https://access.redhat.com/errata/RHSA-2022:7143",
"https://access.redhat.com/errata/RHSA-2022:7144"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-44224"
],
"details": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"id": "GSD-2021-44224",
"modified": "2023-12-13T01:23:20.829364Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44224",
"STATE": "PUBLIC",
"TITLE": "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "Apache HTTP Server 2.4",
"version_value": "2.4.7"
},
{
"version_affected": "\u003c=",
"version_name": "Apache HTTP Server 2.4",
"version_value": "2.4.51"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "\u6f02\u4eae\u9f20"
},
{
"lang": "eng",
"value": "TengMA(@Te3t123)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"name": "FEDORA-2021-29a536c2ae",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"name": "DSA-5035",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211224-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"name": "https://www.tenable.com/security/tns-2022-01",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"name": "https://www.tenable.com/security/tns-2022-03",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"name": "FEDORA-2022-b4103753e9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"name": "FEDORA-2022-21264ec6db",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"name": "FEDORA-2022-78e3211c55",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://support.apple.com/kb/HT213257",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213257"
},
{
"name": "https://support.apple.com/kb/HT213256",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213256"
},
{
"name": "https://support.apple.com/kb/HT213255",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213255"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "eng",
"time": "2021-11-18",
"value": "Reported to security team"
},
{
"lang": "eng",
"time": "2021-12-14",
"value": "fixed by r1895955+r1896044 in 2.4.x"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.52",
"versionStartIncluding": "2.4.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.20.0",
"versionStartIncluding": "5.14.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "202201.1",
"versionStartIncluding": "5.16.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.15.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.4",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.6.6",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-44224"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/20/3"
},
{
"name": "FEDORA-2021-29a536c2ae",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211224-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211224-0001/"
},
{
"name": "DSA-5035",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5035"
},
{
"name": "https://www.tenable.com/security/tns-2022-01",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-01"
},
{
"name": "https://www.tenable.com/security/tns-2022-03",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-03"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "FEDORA-2022-b4103753e9",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/"
},
{
"name": "FEDORA-2022-21264ec6db",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/"
},
{
"name": "FEDORA-2022-78e3211c55",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "https://support.apple.com/kb/HT213255",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"name": "https://support.apple.com/kb/HT213256",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"name": "https://support.apple.com/kb/HT213257",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource": "FULLDISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
},
"lastModifiedDate": "2022-11-02T13:18Z",
"publishedDate": "2021-12-20T12:15Z"
}
}
}
MSRC_CVE-2021-44224
Vulnerability from csaf_microsoft - Published: 2021-12-02 00:00 - Updated: 2021-12-23 00:00Summary
Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
8.2 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 18935-16820 | — | ||
| Unresolved product id: 17030-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-44224 Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-44224.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier",
"tracking": {
"current_release_date": "2021-12-23T00:00:00.000Z",
"generator": {
"date": "2025-12-27T18:27:42.946Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-44224",
"initial_release_date": "2021-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-12-23T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 httpd 2.4.52-1",
"product": {
"name": "\u003ccm1 httpd 2.4.52-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 httpd 2.4.52-1",
"product": {
"name": "cm1 httpd 2.4.52-1",
"product_id": "18935"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 httpd 2.4.52-1",
"product": {
"name": "\u003ccbl2 httpd 2.4.52-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 httpd 2.4.52-1",
"product": {
"name": "cbl2 httpd 2.4.52-1",
"product_id": "17030"
}
}
],
"category": "product_name",
"name": "httpd"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 httpd 2.4.52-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 httpd 2.4.52-1 as a component of CBL Mariner 1.0",
"product_id": "18935-16820"
},
"product_reference": "18935",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 httpd 2.4.52-1 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 httpd 2.4.52-1 as a component of CBL Mariner 2.0",
"product_id": "17030-17086"
},
"product_reference": "17030",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "general",
"text": "apache",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"18935-16820",
"17030-17086"
],
"known_affected": [
"16820-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-44224 Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-44224.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-12-23T00:00:00.000Z",
"details": "2.4.52-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1",
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.2,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"16820-1",
"17086-2"
]
}
],
"title": "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier"
}
]
}
OPENSUSE-SU-2022:0091-1
Vulnerability from csaf_opensuse - Published: 2022-01-17 15:25 - Updated: 2022-01-17 15:25Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
Apache2 was updated to the current stable version 2.4.51 (jsc#SLE-22733 jsc#SLE-22849)
It fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51.
See https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log.
Also fixed:
- CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations (bsc#1193943)
- CVE-2021-44790: Fixed buffer overflow when parsing multipart content in mod_lua (bsc#1193942)
Patchnames: openSUSE-2022-91,openSUSE-SLE-15.3-2022-91
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\nApache2 was updated to the current stable version 2.4.51 (jsc#SLE-22733 jsc#SLE-22849)\n\nIt fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51.\n\nSee https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log.\n\nAlso fixed:\n\n- CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations (bsc#1193943)\n- CVE-2021-44790: Fixed buffer overflow when parsing multipart content in mod_lua (bsc#1193942)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2022-91,openSUSE-SLE-15.3-2022-91",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0091-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0091-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LQX4BVMFKUTV6DOPDTL26H5DQJJFUPXZ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0091-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LQX4BVMFKUTV6DOPDTL26H5DQJJFUPXZ/"
},
{
"category": "self",
"summary": "SUSE Bug 1193942",
"url": "https://bugzilla.suse.com/1193942"
},
{
"category": "self",
"summary": "SUSE Bug 1193943",
"url": "https://bugzilla.suse.com/1193943"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44224 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44224/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44790 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44790/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2022-01-17T15:25:36Z",
"generator": {
"date": "2022-01-17T15:25:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0091-1",
"initial_release_date": "2022-01-17T15:25:36Z",
"revision_history": [
{
"date": "2022-01-17T15:25:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"product": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"product_id": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"product": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"product_id": "chromium-99.0.4844.84-bp153.2.75.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-2.4.51-3.37.1.aarch64",
"product_id": "apache2-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-devel-2.4.51-3.37.1.aarch64",
"product_id": "apache2-devel-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-event-2.4.51-3.37.1.aarch64",
"product_id": "apache2-event-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.51-3.37.1.aarch64",
"product_id": "apache2-example-pages-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.51-3.37.1.aarch64",
"product_id": "apache2-prefork-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-utils-2.4.51-3.37.1.aarch64",
"product_id": "apache2-utils-2.4.51-3.37.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-3.37.1.aarch64",
"product": {
"name": "apache2-worker-2.4.51-3.37.1.aarch64",
"product_id": "apache2-worker-2.4.51-3.37.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.51-3.37.1.noarch",
"product": {
"name": "apache2-doc-2.4.51-3.37.1.noarch",
"product_id": "apache2-doc-2.4.51-3.37.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-devel-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-event-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-event-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-example-pages-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-prefork-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-utils-2.4.51-3.37.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-3.37.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.51-3.37.1.ppc64le",
"product_id": "apache2-worker-2.4.51-3.37.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-2.4.51-3.37.1.s390x",
"product_id": "apache2-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-devel-2.4.51-3.37.1.s390x",
"product_id": "apache2-devel-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-event-2.4.51-3.37.1.s390x",
"product_id": "apache2-event-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.51-3.37.1.s390x",
"product_id": "apache2-example-pages-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-prefork-2.4.51-3.37.1.s390x",
"product_id": "apache2-prefork-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-utils-2.4.51-3.37.1.s390x",
"product_id": "apache2-utils-2.4.51-3.37.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-3.37.1.s390x",
"product": {
"name": "apache2-worker-2.4.51-3.37.1.s390x",
"product_id": "apache2-worker-2.4.51-3.37.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"product": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"product_id": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"product": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"product_id": "chromium-99.0.4844.84-bp153.2.75.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-2.4.51-3.37.1.x86_64",
"product_id": "apache2-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-devel-2.4.51-3.37.1.x86_64",
"product_id": "apache2-devel-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-event-2.4.51-3.37.1.x86_64",
"product_id": "apache2-event-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.51-3.37.1.x86_64",
"product_id": "apache2-example-pages-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.51-3.37.1.x86_64",
"product_id": "apache2-prefork-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-utils-2.4.51-3.37.1.x86_64",
"product_id": "apache2-utils-2.4.51-3.37.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.51-3.37.1.x86_64",
"product": {
"name": "apache2-worker-2.4.51-3.37.1.x86_64",
"product_id": "apache2-worker-2.4.51-3.37.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP3",
"product": {
"name": "SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.aarch64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.x86_64 as component of SUSE Package Hub 15 SP3",
"product_id": "SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-3.37.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-3.37.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-event-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-event-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-event-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-event-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-99.0.4844.84-bp153.2.75.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
},
"product_reference": "chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-devel-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.51-3.37.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch"
},
"product_reference": "apache2-doc-2.4.51-3.37.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-event-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-event-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-event-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-event-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-utils-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.51-3.37.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64"
},
"product_reference": "apache2-worker-2.4.51-3.37.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44224",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44224"
}
],
"notes": [
{
"category": "general",
"text": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44224",
"url": "https://www.suse.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "SUSE Bug 1193943 for CVE-2021-44224",
"url": "https://bugzilla.suse.com/1193943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-01-17T15:25:36Z",
"details": "important"
}
],
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44790"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44790",
"url": "https://www.suse.com/security/cve/CVE-2021-44790"
},
{
"category": "external",
"summary": "SUSE Bug 1193942 for CVE-2021-44790",
"url": "https://bugzilla.suse.com/1193942"
},
{
"category": "external",
"summary": "SUSE Bug 1204730 for CVE-2021-44790",
"url": "https://bugzilla.suse.com/1204730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"SUSE Package Hub 15 SP3:chromium-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.51-3.37.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.51-3.37.1.x86_64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromedriver-99.0.4844.84-bp153.2.75.1.x86_64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.aarch64",
"openSUSE Leap 15.3:chromium-99.0.4844.84-bp153.2.75.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-01-17T15:25:36Z",
"details": "critical"
}
],
"title": "CVE-2021-44790"
}
]
}
OPENSUSE-SU-2024:11695-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
apache2-2.4.52-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: apache2-2.4.52-1.1 on GA media
Description of the patch: These are all security issues fixed in the apache2-2.4.52-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-11695
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apache2-2.4.52-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apache2-2.4.52-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11695",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11695-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44224 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44224/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-44790 page",
"url": "https://www.suse.com/security/cve/CVE-2021-44790/"
}
],
"title": "apache2-2.4.52-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11695-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.52-1.1.aarch64",
"product": {
"name": "apache2-2.4.52-1.1.aarch64",
"product_id": "apache2-2.4.52-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.52-1.1.ppc64le",
"product": {
"name": "apache2-2.4.52-1.1.ppc64le",
"product_id": "apache2-2.4.52-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.52-1.1.s390x",
"product": {
"name": "apache2-2.4.52-1.1.s390x",
"product_id": "apache2-2.4.52-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.52-1.1.x86_64",
"product": {
"name": "apache2-2.4.52-1.1.x86_64",
"product_id": "apache2-2.4.52-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.52-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64"
},
"product_reference": "apache2-2.4.52-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.52-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le"
},
"product_reference": "apache2-2.4.52-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.52-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x"
},
"product_reference": "apache2-2.4.52-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.52-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
},
"product_reference": "apache2-2.4.52-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-44224",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44224"
}
],
"notes": [
{
"category": "general",
"text": "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44224",
"url": "https://www.suse.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "SUSE Bug 1193943 for CVE-2021-44224",
"url": "https://bugzilla.suse.com/1193943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-44790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-44790"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-44790",
"url": "https://www.suse.com/security/cve/CVE-2021-44790"
},
{
"category": "external",
"summary": "SUSE Bug 1193942 for CVE-2021-44790",
"url": "https://bugzilla.suse.com/1193942"
},
{
"category": "external",
"summary": "SUSE Bug 1204730 for CVE-2021-44790",
"url": "https://bugzilla.suse.com/1204730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apache2-2.4.52-1.1.aarch64",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.ppc64le",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.s390x",
"openSUSE Tumbleweed:apache2-2.4.52-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2021-44790"
}
]
}
RHSA-2022:1915
Vulnerability from csaf_redhat - Published: 2022-05-10 14:18 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: httpd:2.4 security and bug fix update
Severity
Moderate
Notes
Topic: An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.
7.1 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
29 references
Acknowledgments
the Apache project
GHSL
Antonio Morales
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1915",
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "1984828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984828"
},
{
"category": "external",
"summary": "2001046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001046"
},
{
"category": "external",
"summary": "2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1915.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-14T22:32:02+00:00",
"generator": {
"date": "2026-05-14T22:32:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:1915",
"initial_release_date": "2022-05-10T14:18:41+00:00",
"revision_history": [
{
"date": "2022-05-10T14:18:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T14:18:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=src\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=src\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product": {
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4)",
"product_id": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=noarch\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product": {
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4)",
"product_id": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=noarch\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4"
},
"product_reference": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4"
},
"product_reference": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-33193",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966728"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Request splitting via HTTP/2 method injection and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "RHBZ#1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"category": "external",
"summary": "https://portswigger.net/research/http2",
"url": "https://portswigger.net/research/http2"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. More information available at: https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Request splitting via HTTP/2 method injection and mod_proxy"
},
{
"cve": "CVE-2021-36160",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005124"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36160"
},
{
"category": "external",
"summary": "RHBZ#2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path"
},
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2021-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034672"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a null pointer dereference and server-side request forgery flaw in httpd\u0027s mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: possible NULL dereference or SSRF in forward proxy configurations",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect httpd configurations that do not use forward proxy functionality (configurations where ProxyRequests is turned off).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "RHBZ#2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"category": "external",
"summary": "http://httpd.apache.org/security/vulnerabilities_24.html",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: possible NULL dereference or SSRF in forward proxy configurations"
}
]
}
RHSA-2022:6753
Vulnerability from csaf_redhat - Published: 2022-09-29 13:33 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: httpd24-httpd security and bug fix update
Severity
Moderate
Notes
Topic: An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)
* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)
* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)
* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)
* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)
* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)
* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)
* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)
* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)
Additional changes:
* To fix CVE-2022-29404, the default value for the "LimitRequestBody" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB.
On systems where the value of "LimitRequestBody" is not explicitly specified in an httpd configuration file, updating the httpd package sets "LimitRequestBody" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.
If the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:
LimitRequestBody 2147483648
Systems already configured to use any explicit value for the "LimitRequestBody" directive are unaffected by this change.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.
8.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.
7.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.
7.4 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.
8.1 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.
6.5 (Medium)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.
5.3 (Medium)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.
7.4 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.
7.5 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.
7.3 (High)
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
92 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd24-httpd is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)\n\n* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)\n\n* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)\n\n* httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)\n\n* httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)\n\n* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)\n\nAdditional changes:\n\n* To fix CVE-2022-29404, the default value for the \"LimitRequestBody\" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB. \n\nOn systems where the value of \"LimitRequestBody\" is not explicitly specified in an httpd configuration file, updating the httpd package sets \"LimitRequestBody\" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.\n\nIf the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:\n\nLimitRequestBody 2147483648\n\nSystems already configured to use any explicit value for the \"LimitRequestBody\" directive are unaffected by this change.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6753",
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/6975397",
"url": "https://access.redhat.com/articles/6975397"
},
{
"category": "external",
"summary": "1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6753.json"
}
],
"title": "Red Hat Security Advisory: httpd24-httpd security and bug fix update",
"tracking": {
"current_release_date": "2026-05-14T22:32:51+00:00",
"generator": {
"date": "2026-05-14T22:32:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:6753",
"initial_release_date": "2022-09-29T13:33:06+00:00",
"revision_history": [
{
"date": "2022-09-29T13:33:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-29T13:33:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product": {
"name": "Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.34-23.el7.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.34-23.el7.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.34-23.el7.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.34-23.el7.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product_id": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.34-23.el7.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)",
"product_id": "7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Server-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.src as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)",
"product_id": "7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-3.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966728"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Request splitting via HTTP/2 method injection and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "RHBZ#1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"category": "external",
"summary": "https://portswigger.net/research/http2",
"url": "https://portswigger.net/research/http2"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. More information available at: https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Request splitting via HTTP/2 method injection and mod_proxy"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
},
{
"cve": "CVE-2021-36160",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005124"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36160"
},
{
"category": "external",
"summary": "RHBZ#2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path"
},
{
"cve": "CVE-2021-39275",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005119"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No httpd module in Red Hat Enterprise Linux and Red Hat Software Collections pass untrusted data to ap_escape_quotes function, thus the Impact of the flaw has been set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39275"
},
{
"category": "external",
"summary": "RHBZ#2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input"
},
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2021-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034672"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a null pointer dereference and server-side request forgery flaw in httpd\u0027s mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: possible NULL dereference or SSRF in forward proxy configurations",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect httpd configurations that do not use forward proxy functionality (configurations where ProxyRequests is turned off).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "RHBZ#2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"category": "external",
"summary": "http://httpd.apache.org/security/vulnerabilities_24.html",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: possible NULL dereference or SSRF in forward proxy configurations"
},
{
"cve": "CVE-2022-22719",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064322"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Use of uninitialized value of in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22719"
},
{
"category": "external",
"summary": "RHBZ#2064322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22719"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22719"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: Use of uninitialized value of in r:parsebody"
},
{
"cve": "CVE-2022-22721",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064320"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The default configuration of the LimitXMLRequestBody option on RHEL is 1MB and therefore is not vulnerable to this flaw. Also, this issue is known to only affect 32bit httpd builds.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22721"
},
{
"category": "external",
"summary": "RHBZ#2064320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064320"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22721"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Set the LimitXMLRequestBody option to a value smaller than 350MB. Setting it to 0 is not recommended as it will use a hard limit (depending on 32bit or 64bit systems) which may result in an overall system out-of-memory. The default configuration is not vulnerable to this flaw, see the statement above.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody"
},
{
"cve": "CVE-2022-23943",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064319"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read/write vulnerability was found in the mod_sed module of httpd. This flaw allows an attacker to overwrite the memory of an httpd instance that is using mod_sed with data provided by the attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: Read/write beyond bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The `mod_sed` module is disabled by default on Red Hat Enterprise Linux 7 and 8. For this reason, the flaw has been rated as having a security impact of Moderate. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the `mod_sed` module is available only in httpd 2.3 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23943"
},
{
"category": "external",
"summary": "RHBZ#2064319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064319"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23943"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-23943"
}
],
"release_date": "2022-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw. See https://access.redhat.com/articles/10649 for more information.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: Read/write beyond bounds"
},
{
"cve": "CVE-2022-26377",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2094997"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ajp: Possible request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The httpd mod_proxy_ajp module is enabled by default on Red Hat Enterprise Linux 8, 9, and in RHSCL. However, there are no directives forwarding requests using the AJP protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-26377"
},
{
"category": "external",
"summary": "RHBZ#2094997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26377"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_proxy_ajp and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_ajp: Possible request smuggling"
},
{
"cve": "CVE-2022-28614",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095002"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read via ap_rwrite()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28614"
},
{
"category": "external",
"summary": "RHBZ#2095002",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28614"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read via ap_rwrite()"
},
{
"cve": "CVE-2022-28615",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095006"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds read in ap_strcmp_match()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "According to upstream, no code distributed with the httpd server can exploit this flaw, however, third-party modules or Lua scripts that use the ap_strcmp_match function could potentially be affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28615"
},
{
"category": "external",
"summary": "RHBZ#2095006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28615"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Out-of-bounds read in ap_strcmp_match()"
},
{
"cve": "CVE-2022-29404",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095012"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. A malicious request to a Lua script that calls parsebody(0) can lead to a denial of service due to no default limit on the possible input size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: DoS in r:parsebody",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-29404"
},
{
"category": "external",
"summary": "RHBZ#2095012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29404"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_lua: DoS in r:parsebody"
},
{
"cve": "CVE-2022-30522",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_sed module of httpd. A very large input to the mod_sed module can result in a denial of service due to excessively large memory allocations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_sed: DoS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The mod_sed module is disabled by default on Red Hat Enterprise Linux 7 and 8. The httpd package as shipped with Red Hat Enterprise Linux 6 is not affected by this flaw because the mod_sed module is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30522"
},
{
"category": "external",
"summary": "RHBZ#2095015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30522"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_sed and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_sed: DoS vulnerability"
},
{
"cve": "CVE-2022-30556",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_lua: Information disclosure with websockets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "httpd as shipped with Red Hat Enterprise Linux 6, is not affected by this flaw because it does not ship mod_lua. Red Hat Enterprise Linux 7 is not affected by this flaw because the wsread function is not available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30556"
},
{
"category": "external",
"summary": "RHBZ#2095018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30556"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Disabling mod_lua and restarting httpd will mitigate this flaw.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_lua: Information disclosure with websockets"
},
{
"cve": "CVE-2022-31813",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2095020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mod_proxy module of httpd. The server may remove the X-Forwarded-* headers from a request based on the client-side Connection header hop-by-hop mechanism.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 7. Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31813"
},
{
"category": "external",
"summary": "RHBZ#2095020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31813"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813"
}
],
"release_date": "2022-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-29T13:33:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6753"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Server-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Server-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.src",
"7Workstation-RHSCL-3.8:httpd24-httpd-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-debuginfo-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-devel-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-httpd-manual-0:2.4.34-23.el7.5.noarch",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-httpd-tools-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ldap-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_proxy_html-1:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_session-0:2.4.34-23.el7.5.x86_64",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.ppc64le",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.s390x",
"7Workstation-RHSCL-3.8:httpd24-mod_ssl-1:2.4.34-23.el7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism"
}
]
}
RHSA-2022:7143
Vulnerability from csaf_redhat - Published: 2022-10-26 20:15 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)
* httpd: NULL pointer dereference via crafted request during HTTP/2 request processing (CVE-2021-41524)
* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
129 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
129 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.
8.1 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
129 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
|
Known not affected
129 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 | — | ||
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 | — | ||
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 | — |
Threats
Impact
Moderate
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.
7.1 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
129 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)\n\n* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)\n\n* httpd: NULL pointer dereference via crafted request during HTTP/2 request processing (CVE-2021-41524)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7143",
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.51/html-single/red_hat_jboss_core_services_apache_http_server_2.4.51_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.51/html-single/red_hat_jboss_core_services_apache_http_server_2.4.51_release_notes/index"
},
{
"category": "external",
"summary": "1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "2010934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010934"
},
{
"category": "external",
"summary": "2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7143.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update",
"tracking": {
"current_release_date": "2026-05-14T22:32:17+00:00",
"generator": {
"date": "2026-05-14T22:32:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:7143",
"initial_release_date": "2022-10-26T20:15:34+00:00",
"revision_history": [
{
"date": "2022-10-26T20:15:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-17T11:42:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 8",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"product_id": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.9-2.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"product_id": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-1.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"product_id": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.0-6.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-12.el7jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-16.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-31.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.43.0-10.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-28.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-19.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-15.el7jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-17.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"product_id": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.83.1-6.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-98.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.17-9.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-41.redhat_1.el7jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"product_id": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.9-2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"product_id": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-1.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.0-6.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-12.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-31.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-16.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.43.0-10.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-28.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-17.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-15.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-19.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"product_id": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.83.1-6.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-98.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.17-9.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-41.redhat_1.el8jbcs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.9-2.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.9-2.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.9-2.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.14-1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.14-1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.0-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.7.0-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.7.0-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-12.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-16.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-16.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-31.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-31.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.43.0-10.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.43.0-10.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.43.0-10.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.51-28.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.51-28.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.51-28.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-19.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-19.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-15.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.0-15.el7jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-17.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-17.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.83.1-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.83.1-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.83.1-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.83.1-6.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-98.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.17-9.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.17-9.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-41.redhat_1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-41.redhat_1.el7jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.9-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.9-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.9-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.14-1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.14-1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.14-1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.7.0-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.7.0-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.7.0-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1k-12.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-31.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-31.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-16.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-16.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.43.0-10.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.43.0-10.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.43.0-10.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.51-28.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.51-28.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.51-28.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.51-28.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.51-28.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.19-17.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.19-17.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.4.0-15.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.4.0-15.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.3-19.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.3-19.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.83.1-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.83.1-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.83.1-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.83.1-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@7.83.1-6.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-98.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster@1.3.17-9.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_cluster-debuginfo@1.3.17-9.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-41.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.48-41.redhat_1.el8jbcs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.51-28.el7jbcs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.51-28.el8jbcs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966728"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Request splitting via HTTP/2 method injection and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"known_not_affected": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "RHBZ#1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"category": "external",
"summary": "https://portswigger.net/research/http2",
"url": "https://portswigger.net/research/http2"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-26T20:15:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. More information available at: https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Request splitting via HTTP/2 method injection and mod_proxy"
},
{
"cve": "CVE-2021-36160",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005124"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"known_not_affected": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36160"
},
{
"category": "external",
"summary": "RHBZ#2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-26T20:15:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path"
},
{
"cve": "CVE-2021-39275",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005119"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No httpd module in Red Hat Enterprise Linux and Red Hat Software Collections pass untrusted data to ap_escape_quotes function, thus the Impact of the flaw has been set to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"known_not_affected": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39275"
},
{
"category": "external",
"summary": "RHBZ#2005119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39275"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-26T20:15:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Out-of-bounds write in ap_escape_quotes() via malicious input"
},
{
"cve": "CVE-2021-41524",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-10-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2010934"
}
],
"notes": [
{
"category": "description",
"text": "While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via crafted request during HTTP/2 request processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects Apache HTTP Server 2.4.49 and Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP9, earlier versions are not affected. Therefore this issue does not affect the other versions of Apache HTTP Server shipped with Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"known_not_affected": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41524"
},
{
"category": "external",
"summary": "RHBZ#2010934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41524",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41524"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41524",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41524"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-26T20:15:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via crafted request during HTTP/2 request processing"
},
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2021-12-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034672"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a null pointer dereference and server-side request forgery flaw in httpd\u0027s mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: possible NULL dereference or SSRF in forward proxy configurations",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect httpd configurations that do not use forward proxy functionality (configurations where ProxyRequests is turned off).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"known_not_affected": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "RHBZ#2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"category": "external",
"summary": "http://httpd.apache.org/security/vulnerabilities_24.html",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-10-26T20:15:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7143"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el7jbcs.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-jansson-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-41.redhat_1.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el7jbcs.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el7jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.7.0-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-98.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-brotli-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-brotli-devel-0:1.0.9-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.51-28.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-jansson-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-jansson-devel-0:2.14-1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.83.1-6.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.19-17.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-41.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-41.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.4.0-15.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_cluster-debuginfo-0:1.3.17-9.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.3-19.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.51-28.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.43.0-10.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-16.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1k-12.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-31.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1k-12.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: possible NULL dereference or SSRF in forward proxy configurations"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…