Vulnerability-Lookup

CVE-2015-3183 (GCVE-0-2015-3183)

Vulnerability from cvelistv5 – Published: 2015-07-20 23:00 – Updated: 2024-08-06 05:39

Summary

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.

Severity

No CVSS data available.

CWE

Assigner

redhat

References

54 references

URL	Tags
http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2016-2056.html	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-updates/2015-1…	vendor-advisoryx_refsource_SUSE
http://httpd.apache.org/security/vulnerabilities_…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2016-0061.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
https://security.gentoo.org/glsa/201610-02	vendor-advisoryx_refsource_GENTOO
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1667.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-0062.html	vendor-advisoryx_refsource_REDHAT
http://www.apache.org/dist/httpd/CHANGES_2.4	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1666.html	vendor-advisoryx_refsource_REDHAT
https://h20564.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1032967	vdb-entryx_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2015-1668.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-2661.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2055.html	vendor-advisoryx_refsource_REDHAT
http://www.ubuntu.com/usn/USN-2686-1	vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisoryx_refsource_HP
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
http://www.securityfocus.com/bid/75963	vdb-entryx_refsource_BID
http://www.debian.org/security/2015/dsa-3325	vendor-advisoryx_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2015:2659	vendor-advisoryx_refsource_REDHAT
https://github.com/apache/httpd/commit/e427c41257…	x_refsource_CONFIRM
https://puppet.com/security/cve/CVE-2015-3183	x_refsource_CONFIRM
http://www.securityfocus.com/bid/91787	vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2015:2660	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2054.html	vendor-advisoryx_refsource_REDHAT
https://support.apple.com/kb/HT205031	x_refsource_CONFIRM
https://h20564.www2.hpe.com/portal/site/hpsc/publ…	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
https://support.apple.com/HT205219	x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
https://lists.apache.org/thread.html/56c2e7cc9deb…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/84a3714f0878…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/8d63cb8e9100…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/f7f95ac1cd98…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r57608dc51b7…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rd18c3c43602…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/re3d27b6250a…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rfbaf647d52c…	mailing-listx_refsource_MLIST
https://github.com/apache/httpd/commit/a6027e5692…	x_refsource_CONFIRM
https://lists.apache.org/thread.html/rf6449464fd8…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra7f6aeb2866…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r9ea3538f229…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rc998b18880d…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r83109088737…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rdca61ae9906…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r9f93cf6dde3…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rcc44594d4d6…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rb14daf9cc4e…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r75cbe9ea3e2…	mailing-listx_refsource_MLIST

Date Public

2015-07-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:31.699Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX03512",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "name": "RHSA-2016:2056",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
          },
          {
            "name": "openSUSE-SU-2015:1684",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "RHSA-2016:0061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
          },
          {
            "name": "GLSA-201610-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201610-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "name": "RHSA-2015:1667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
          },
          {
            "name": "RHSA-2016:0062",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
          },
          {
            "name": "RHSA-2015:1666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "name": "1032967",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032967"
          },
          {
            "name": "RHSA-2015:1668",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
          },
          {
            "name": "RHSA-2015:2661",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
          },
          {
            "name": "RHSA-2016:2055",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
          },
          {
            "name": "USN-2686-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2686-1"
          },
          {
            "name": "SSRT102254",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "name": "APPLE-SA-2015-08-13-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "name": "75963",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75963"
          },
          {
            "name": "DSA-3325",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3325"
          },
          {
            "name": "RHSA-2015:2659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2015:2659"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://puppet.com/security/cve/CVE-2015-3183"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "RHSA-2015:2660",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2015:2660"
          },
          {
            "name": "RHSA-2016:2054",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT205031"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "name": "APPLE-SA-2015-09-16-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT205219"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-07-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-06T10:11:12.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "HPSBUX03512",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "name": "RHSA-2016:2056",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
        },
        {
          "name": "openSUSE-SU-2015:1684",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "RHSA-2016:0061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
        },
        {
          "name": "GLSA-201610-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201610-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
        },
        {
          "name": "RHSA-2015:1667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
        },
        {
          "name": "RHSA-2016:0062",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
        },
        {
          "name": "RHSA-2015:1666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
        },
        {
          "name": "1032967",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032967"
        },
        {
          "name": "RHSA-2015:1668",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
        },
        {
          "name": "RHSA-2015:2661",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
        },
        {
          "name": "RHSA-2016:2055",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
        },
        {
          "name": "USN-2686-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2686-1"
        },
        {
          "name": "SSRT102254",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "name": "APPLE-SA-2015-08-13-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
        },
        {
          "name": "75963",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75963"
        },
        {
          "name": "DSA-3325",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3325"
        },
        {
          "name": "RHSA-2015:2659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://puppet.com/security/cve/CVE-2015-3183"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "RHSA-2015:2660",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        },
        {
          "name": "RHSA-2016:2054",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT205031"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
        },
        {
          "name": "APPLE-SA-2015-09-16-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT205219"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
        },
        {
          "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-3183",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX03512",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
            },
            {
              "name": "RHSA-2016:2056",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
            },
            {
              "name": "openSUSE-SU-2015:1684",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
            },
            {
              "name": "http://httpd.apache.org/security/vulnerabilities_24.html",
              "refsource": "CONFIRM",
              "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "RHSA-2016:0061",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
            },
            {
              "name": "GLSA-201610-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201610-02"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
            },
            {
              "name": "RHSA-2015:1667",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
            },
            {
              "name": "RHSA-2016:0062",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
            },
            {
              "name": "http://www.apache.org/dist/httpd/CHANGES_2.4",
              "refsource": "CONFIRM",
              "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
            },
            {
              "name": "RHSA-2015:1666",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
            },
            {
              "name": "1032967",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032967"
            },
            {
              "name": "RHSA-2015:1668",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
            },
            {
              "name": "RHSA-2015:2661",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
            },
            {
              "name": "RHSA-2016:2055",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
            },
            {
              "name": "USN-2686-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2686-1"
            },
            {
              "name": "SSRT102254",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
            },
            {
              "name": "APPLE-SA-2015-08-13-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
            },
            {
              "name": "75963",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75963"
            },
            {
              "name": "DSA-3325",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2015/dsa-3325"
            },
            {
              "name": "RHSA-2015:2659",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2015:2659"
            },
            {
              "name": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
              "refsource": "CONFIRM",
              "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
            },
            {
              "name": "https://puppet.com/security/cve/CVE-2015-3183",
              "refsource": "CONFIRM",
              "url": "https://puppet.com/security/cve/CVE-2015-3183"
            },
            {
              "name": "91787",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91787"
            },
            {
              "name": "RHSA-2015:2660",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2015:2660"
            },
            {
              "name": "RHSA-2016:2054",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
            },
            {
              "name": "https://support.apple.com/kb/HT205031",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT205031"
            },
            {
              "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
              "refsource": "CONFIRM",
              "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
            },
            {
              "name": "APPLE-SA-2015-09-16-4",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
            },
            {
              "name": "https://support.apple.com/HT205219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT205219"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
              "refsource": "CONFIRM",
              "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E"
            },
            {
              "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3183",
    "datePublished": "2015-07-20T23:00:00.000Z",
    "dateReserved": "2015-04-10T00:00:00.000Z",
    "dateUpdated": "2024-08-06T05:39:31.699Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2015-3183",
      "date": "2026-05-27",
      "epss": "0.24118",
      "percentile": "0.96149"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.2.0\", \"versionEndExcluding\": \"2.2.31\", \"matchCriteriaId\": \"FADCA439-D2D8-4329-AD6E-BDA215BF6EB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.4.0\", \"versionEndExcluding\": \"2.4.16\", \"matchCriteriaId\": \"42D9DB2C-AA6E-4633-AB01-7E551E36E912\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en la implementaci\\u00f3n de la codificaci\\u00f3n de transferencia fragmentada en el Servidor HTTP Apache en versiones anteriores a la 2.4.14 no analiza adecuadamente los fragmentos de las cabeceras lo cual permite a atacantes remotos efectuar ataques de infiltraci\\u00f3n de solicitudes HTTP a trav\\u00e9s de peticiones manipuladas, relacionada con el mal manejo de los valores fragmentados de gran tama\\u00f1o y extensiones fragmentadas no v\\u00e1lidas en modules/http/http_filters.c.\"}]",
      "id": "CVE-2015-3183",
      "lastModified": "2024-11-21T02:28:50.907",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-07-20T23:59:02.877",
      "references": "[{\"url\": \"http://httpd.apache.org/security/vulnerabilities_24.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1666.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1667.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1668.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2661.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0061.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0062.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2054.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2055.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2056.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.apache.org/dist/httpd/CHANGES_2.4\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3325\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/75963\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032967\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2686-1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2015:2659\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2015:2660\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://puppet.com/security/cve/CVE-2015-3183\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201610-02\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT205219\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/kb/HT205031\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://httpd.apache.org/security/vulnerabilities_24.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1666.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1667.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1668.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-2661.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0061.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0062.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2054.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2055.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2056.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.apache.org/dist/httpd/CHANGES_2.4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3325\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/75963\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032967\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2686-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2015:2659\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2015:2660\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://puppet.com/security/cve/CVE-2015-3183\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201610-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT205219\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.apple.com/kb/HT205031\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-17\"}, {\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-3183\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-07-20T23:59:02.877\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en la implementaci\u00f3n de la codificaci\u00f3n de transferencia fragmentada en el Servidor HTTP Apache en versiones anteriores a la 2.4.14 no analiza adecuadamente los fragmentos de las cabeceras lo cual permite a atacantes remotos efectuar ataques de infiltraci\u00f3n de solicitudes HTTP a trav\u00e9s de peticiones manipuladas, relacionada con el mal manejo de los valores fragmentados de gran tama\u00f1o y extensiones fragmentadas no v\u00e1lidas en modules/http/http_filters.c.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-17\"},{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.31\",\"matchCriteriaId\":\"FADCA439-D2D8-4329-AD6E-BDA215BF6EB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.16\",\"matchCriteriaId\":\"42D9DB2C-AA6E-4633-AB01-7E551E36E912\"}]}]}],\"references\":[{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1666.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1667.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1668.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2661.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0061.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0062.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2054.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2055.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2056.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/CHANGES_2.4\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3325\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/75963\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032967\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2686-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2015:2659\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2015:2660\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://puppet.com/security/cve/CVE-2015-3183\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201610-02\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205219\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1666.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1667.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1668.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-2661.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0061.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0062.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2054.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.apache.org/dist/httpd/CHANGES_2.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3325\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/75963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032967\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2686-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2015:2659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2015:2660\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://puppet.com/security/cve/CVE-2015-3183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201610-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT205219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CERTFR-2016-AVI-244

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle Sun Systems Products Suite. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Sun Blade 6000 Ethernet Switched NEM 24P 10GE version 1.2
Oracle	N/A	Commutateurs de Passerelle Sun Network QDR InfiniBand versions antérieures à 2.2.2
Oracle	N/A	Commutateurs Oracle ES1-24 version 1.3
Oracle	N/A	Commutateurs Ethernet 40G 10G 72/64 version 2.0.0
Oracle	N/A	Serveurs Fujitsu M10-1, M10-4, M10-4S exécutant XCP versions antérieures à XCP2320
Oracle	N/A	Commutateurs Sun Network 10GE 72p version 1.2
Oracle	N/A	Oracle Solaris versions 10 et 11.3
Oracle	N/A	Serveurs SPARC Enterprise M3000, M4000, M5000, M8000, M9000 exécutant XCP versions antérieures à XCP1121
Oracle	N/A	Commutateurs Sun Data Center InfiniBand versions antérieures à 2.2.2
Oracle	N/A	Oracle Integrated Lights Out Manager (ILOM) versions 3.0, 3.1 et 3.2
Oracle	N/A	Oracle Solaris Cluster versions 3.4 et 4.3

References

Title

Publication Time

CNVD-2015-04943

Vulnerability from cnvd - Published: 2015-07-28

Title

Apache apr_brigade_flatten()块头解析漏洞

Description

Apache是一款开源的HTTPD服务程序。 Apache apr_brigade_flatten()解析块头存在安全漏洞，由于程序未能正确解析数据块头部。远程攻击者利用该漏洞可通过发送特制的请求实施HTTP请求进行攻击。

Severity

低

Patch Name

Apache apr_brigade_flatten()块头解析漏洞的补丁

Patch Description

Apache是一款开源的HTTPD服务程序。 Apache apr_brigade_flatten()解析块头存在安全漏洞，由于程序未能正确解析数据块头部。远程攻击者利用该漏洞可通过发送特制的请求实施HTTP请求进行攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://httpd.apache.org/security/vulnerabilities_24.html

Reference

http://httpd.apache.org/security/vulnerabilities_24.html

Impacted products

Name
['Apache HTTP Server 2.4.7', 'Apache HTTP Server 2.4.9', 'Apache HTTP Server 2.4.8', 'Apache HTTP Server 2.4.6', 'Apache HTTP Server 2.4.10', 'Apache HTTP Server 2.4.12', 'Apache HTTP Server 2.4.1', 'Apache HTTP Server 2.4.2', 'Apache HTTP Server 2.4.3', 'Apache HTTP Server 2.4.4']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "75963"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-3183"
    }
  },
  "description": "Apache\u662f\u4e00\u6b3e\u5f00\u6e90\u7684HTTPD\u670d\u52a1\u7a0b\u5e8f\u3002\r\n\r\nApache apr_brigade_flatten()\u89e3\u6790\u5757\u5934\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u89e3\u6790\u6570\u636e\u5757\u5934\u90e8\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5b9e\u65bdHTTP\u8bf7\u6c42\u8fdb\u884c\u653b\u51fb\u3002",
  "discovererName": "R\u00c3\u00a9gis Leroy",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://httpd.apache.org/security/vulnerabilities_24.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-04943",
  "openTime": "2015-07-28",
  "patchDescription": "Apache\u662f\u4e00\u6b3e\u5f00\u6e90\u7684HTTPD\u670d\u52a1\u7a0b\u5e8f\u3002\r\n\r\nApache apr_brigade_flatten()\u89e3\u6790\u5757\u5934\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u89e3\u6790\u6570\u636e\u5757\u5934\u90e8\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684\u8bf7\u6c42\u5b9e\u65bdHTTP\u8bf7\u6c42\u8fdb\u884c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache apr_brigade_flatten()\u5757\u5934\u89e3\u6790\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache HTTP Server 2.4.7",
      "Apache HTTP Server 2.4.9",
      "Apache HTTP Server 2.4.8",
      "Apache HTTP Server 2.4.6",
      "Apache HTTP Server 2.4.10",
      "Apache HTTP Server 2.4.12",
      "Apache HTTP Server 2.4.1",
      "Apache HTTP Server 2.4.2",
      "Apache HTTP Server 2.4.3",
      "Apache HTTP Server 2.4.4"
    ]
  },
  "referenceLink": "http://httpd.apache.org/security/vulnerabilities_24.html",
  "serverity": "\u4f4e",
  "submitTime": "2015-07-20",
  "title": "Apache apr_brigade_flatten()\u5757\u5934\u89e3\u6790\u6f0f\u6d1e"
}

FKIE_CVE-2015-3183

Vulnerability from fkie_nvd - Published: 2015-07-20 23:59 - Updated: 2026-05-06 22:30

Severity

Summary

References

URL	Tags
secalert@redhat.com	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
secalert@redhat.com	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735	Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Mailing List
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html	Mailing List
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html	Third Party Advisory
secalert@redhat.com	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List, Third Party Advisory, VDB Entry
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2015-1666.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2015-1667.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2015-1668.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2015-2661.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-0061.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-0062.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-2054.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-2055.html	Third Party Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-2056.html	Third Party Advisory
secalert@redhat.com	http://www.apache.org/dist/httpd/CHANGES_2.4	Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2015/dsa-3325	Third Party Advisory
secalert@redhat.com	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch
secalert@redhat.com	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch, Third Party Advisory
secalert@redhat.com	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/bid/75963	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/bid/91787	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securitytracker.com/id/1032967	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2686-1	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2015:2659	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2015:2660	Third Party Advisory
secalert@redhat.com	https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6	Third Party Advisory
secalert@redhat.com	https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73	Third Party Advisory
secalert@redhat.com	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246	Third Party Advisory
secalert@redhat.com	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789	Third Party Advisory, VDB Entry
secalert@redhat.com	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
secalert@redhat.com	https://puppet.com/security/cve/CVE-2015-3183	Third Party Advisory
secalert@redhat.com	https://security.gentoo.org/glsa/201610-02	Third Party Advisory
secalert@redhat.com	https://support.apple.com/HT205219	Third Party Advisory, VDB Entry
secalert@redhat.com	https://support.apple.com/kb/HT205031	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://httpd.apache.org/security/vulnerabilities_24.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=144493176821532&w=2	Mailing List, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1666.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1667.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-1668.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-2661.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-0061.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-0062.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2054.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2055.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2056.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.apache.org/dist/httpd/CHANGES_2.4	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2015/dsa-3325	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75963	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91787	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032967	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2686-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2015:2659	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2015:2660	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://puppet.com/security/cve/CVE-2015-3183	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201610-02	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT205219	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT205031	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	apache	http_server	*
	apache	http_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FADCA439-D2D8-4329-AD6E-BDA215BF6EB0",
              "versionEndExcluding": "2.2.31",
              "versionStartIncluding": "2.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D9DB2C-AA6E-4633-AB01-7E551E36E912",
              "versionEndExcluding": "2.4.16",
              "versionStartIncluding": "2.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en la implementaci\u00f3n de la codificaci\u00f3n de transferencia fragmentada en el Servidor HTTP Apache en versiones anteriores a la 2.4.14 no analiza adecuadamente los fragmentos de las cabeceras lo cual permite a atacantes remotos efectuar ataques de infiltraci\u00f3n de solicitudes HTTP a trav\u00e9s de peticiones manipuladas, relacionada con el mal manejo de los valores fragmentados de gran tama\u00f1o y extensiones fragmentadas no v\u00e1lidas en modules/http/http_filters.c."
    }
  ],
  "id": "CVE-2015-3183",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-07-20T23:59:02.877",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3325"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75963"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032967"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2686-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2015:2659"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2015:2660"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://puppet.com/security/cve/CVE-2015-3183"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201610-02"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://support.apple.com/HT205219"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2015/dsa-3325"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032967"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2686-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2015:2659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2015:2660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://puppet.com/security/cve/CVE-2015-3183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201610-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://support.apple.com/HT205219"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-17"
        },
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-892Q-VVCR-V6J5

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2025-04-12 12:50

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-3183"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-07-20T23:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.",
  "id": "GHSA-892q-vvcr-v6j5",
  "modified": "2025-04-12T12:50:18Z",
  "published": "2022-05-13T01:09:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2015:2659"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://puppet.com/security/cve/CVE-2015-3183"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201610-02"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT205219"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT205031"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2015:2660"
    },
    {
      "type": "WEB",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
    },
    {
      "type": "WEB",
      "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
    },
    {
      "type": "WEB",
      "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2015/dsa-3325"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/75963"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032967"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2686-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2015-3183

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-3183

Aliases

CVE-2015-3183

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-3183",
    "description": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.",
    "id": "GSD-2015-3183",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-3183.html",
      "https://www.debian.org/security/2015/dsa-3325",
      "https://access.redhat.com/errata/RHSA-2016:2056",
      "https://access.redhat.com/errata/RHSA-2016:2055",
      "https://access.redhat.com/errata/RHSA-2016:2054",
      "https://access.redhat.com/errata/RHSA-2016:0062",
      "https://access.redhat.com/errata/RHSA-2016:0061",
      "https://access.redhat.com/errata/RHSA-2015:2661",
      "https://access.redhat.com/errata/RHSA-2015:2660",
      "https://access.redhat.com/errata/RHSA-2015:2659",
      "https://access.redhat.com/errata/RHSA-2015:1668",
      "https://access.redhat.com/errata/RHSA-2015:1667",
      "https://access.redhat.com/errata/RHSA-2015:1666",
      "https://ubuntu.com/security/CVE-2015-3183",
      "https://advisories.mageia.org/CVE-2015-3183.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2015-3183.html",
      "https://linux.oracle.com/cve/CVE-2015-3183.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-3183"
      ],
      "details": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.",
      "id": "GSD-2015-3183",
      "modified": "2023-12-13T01:20:07.492078Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2015-3183",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "HPSBUX03512",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "name": "RHSA-2016:2056",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
          },
          {
            "name": "openSUSE-SU-2015:1684",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
          },
          {
            "name": "http://httpd.apache.org/security/vulnerabilities_24.html",
            "refsource": "CONFIRM",
            "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "RHSA-2016:0061",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
          },
          {
            "name": "GLSA-201610-02",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201610-02"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "name": "RHSA-2015:1667",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
          },
          {
            "name": "RHSA-2016:0062",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
          },
          {
            "name": "http://www.apache.org/dist/httpd/CHANGES_2.4",
            "refsource": "CONFIRM",
            "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
          },
          {
            "name": "RHSA-2015:1666",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
          },
          {
            "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
            "refsource": "CONFIRM",
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "name": "1032967",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032967"
          },
          {
            "name": "RHSA-2015:1668",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
          },
          {
            "name": "RHSA-2015:2661",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
          },
          {
            "name": "RHSA-2016:2055",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
          },
          {
            "name": "USN-2686-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2686-1"
          },
          {
            "name": "SSRT102254",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "name": "APPLE-SA-2015-08-13-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "name": "75963",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/75963"
          },
          {
            "name": "DSA-3325",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2015/dsa-3325"
          },
          {
            "name": "RHSA-2015:2659",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2015:2659"
          },
          {
            "name": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
            "refsource": "CONFIRM",
            "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
          },
          {
            "name": "https://puppet.com/security/cve/CVE-2015-3183",
            "refsource": "CONFIRM",
            "url": "https://puppet.com/security/cve/CVE-2015-3183"
          },
          {
            "name": "91787",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "RHSA-2015:2660",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2015:2660"
          },
          {
            "name": "RHSA-2016:2054",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
          },
          {
            "name": "https://support.apple.com/kb/HT205031",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/kb/HT205031"
          },
          {
            "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
            "refsource": "CONFIRM",
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "name": "APPLE-SA-2015-09-16-4",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
          },
          {
            "name": "https://support.apple.com/HT205219",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT205219"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6",
            "refsource": "CONFIRM",
            "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E"
          },
          {
            "name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FADCA439-D2D8-4329-AD6E-BDA215BF6EB0",
                    "versionEndExcluding": "2.2.31",
                    "versionStartIncluding": "2.2.0",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "42D9DB2C-AA6E-4633-AB01-7E551E36E912",
                    "versionEndExcluding": "2.4.16",
                    "versionStartIncluding": "2.4.0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
          },
          {
            "lang": "es",
            "value": "Vulnerabilidad en la implementaci\u00f3n de la codificaci\u00f3n de transferencia fragmentada en el Servidor HTTP Apache en versiones anteriores a la 2.4.14 no analiza adecuadamente los fragmentos de las cabeceras lo cual permite a atacantes remotos efectuar ataques de infiltraci\u00f3n de solicitudes HTTP a trav\u00e9s de peticiones manipuladas, relacionada con el mal manejo de los valores fragmentados de gran tama\u00f1o y extensiones fragmentadas no v\u00e1lidas en modules/http/http_filters.c."
          }
        ],
        "id": "CVE-2015-3183",
        "lastModified": "2023-12-14T14:06:55.763",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2015-07-20T23:59:02.877",
        "references": [
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10735"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3325"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Patch"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/75963"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securitytracker.com/id/1032967"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2686-1"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2015:2659"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2015:2660"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://puppet.com/security/cve/CVE-2015-3183"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://security.gentoo.org/glsa/201610-02"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://support.apple.com/HT205219"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://support.apple.com/kb/HT205031"
          }
        ],
        "sourceIdentifier": "secalert@redhat.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-17"
              },
              {
                "lang": "en",
                "value": "CWE-20"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

RHSA-2015:1666

Vulnerability from csaf_redhat - Published: 2015-08-24 15:56 - Updated: 2026-05-14 22:18

Summary

Red Hat Security Advisory: httpd24-httpd security update

Severity

Moderate

Notes

Topic: Updated httpd24-httpd packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied. (CVE-2015-3185) Note: This update introduces new a new API function, ap_some_authn_required(), which correctly indicates if a request is authenticated. External httpd modules using the old API function should be modified to use the new one to completely resolve this issue. A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash. (CVE-2015-0228) A NULL pointer dereference flaw was found in the way httpd generated certain error responses. A remote attacker could possibly use this flaw to crash the httpd child process using a request that triggers a certain HTTP error. (CVE-2015-0253) All httpd24-httpd users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd24-httpd service will be restarted automatically.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2015-0228

A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash.

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:N/I:N/A:P

Affected products

Fixed 70 products

Product	Version	Remediation
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix

Threats

Impact Low

CVE-2015-0253

A NULL pointer dereference flaw was found in the way httpd generated certain error responses. A remote attacker could possibly use this flaw to crash the httpd child process using a request that triggers a certain HTTP error.

2.6 ()


                        
                          AV:N/AC:H/Au:N/C:N/I:N/A:P

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 70 products

Product	Version	Remediation
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix

Threats

Impact Low

CVE-2015-3183

Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-172 - Encoding Error

Affected products

Fixed 70 products

Product	Version	Remediation
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-3185

It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-287 - Improper Authentication

Affected products

Fixed 70 products

Product	Version	Remediation
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

24 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:1666	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1202988	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243888	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243891	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-0228	self
https://bugzilla.redhat.com/show_bug.cgi?id=1202988	external
https://www.cve.org/CVERecord?id=CVE-2015-0228	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0228	external
http://httpd.apache.org/security/vulnerabilities_…	external
https://access.redhat.com/security/cve/CVE-2015-0253	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243891	external
https://www.cve.org/CVERecord?id=CVE-2015-0253	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0253	external
https://access.redhat.com/security/cve/CVE-2015-3183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://www.cve.org/CVERecord?id=CVE-2015-3183	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3183	external
https://access.redhat.com/security/cve/CVE-2015-3185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243888	external
https://www.cve.org/CVERecord?id=CVE-2015-3185	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3185	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated httpd24-httpd packages that fix multiple security issues are now\navailable for Red Hat Software Collections 2.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient,\nand extensible web server.\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3183)\n\nIt was discovered that in httpd 2.4, the internal API function\nap_some_auth_required() could incorrectly indicate that a request was\nauthenticated even when no authentication was used. An httpd module using\nthis API function could consequently allow access that should have been\ndenied. (CVE-2015-3185)\n\nNote: This update introduces new a new API function,\nap_some_authn_required(), which correctly indicates if a request is\nauthenticated. External httpd modules using the old API function should be\nmodified to use the new one to completely resolve this issue.\n\nA denial of service flaw was found in the way the mod_lua httpd module\nprocessed certain WebSocket Ping requests. A remote attacker could send a\nspecially crafted WebSocket Ping packet that would cause the httpd child\nprocess to crash. (CVE-2015-0228)\n\nA NULL pointer dereference flaw was found in the way httpd generated\ncertain error responses. A remote attacker could possibly use this flaw to\ncrash the httpd child process using a request that triggers a certain HTTP\nerror. (CVE-2015-0253)\n\nAll httpd24-httpd users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthe updated packages, the httpd24-httpd service will be restarted\nautomatically.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1666",
        "url": "https://access.redhat.com/errata/RHSA-2015:1666"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1202988",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202988"
      },
      {
        "category": "external",
        "summary": "1243887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
      },
      {
        "category": "external",
        "summary": "1243888",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888"
      },
      {
        "category": "external",
        "summary": "1243891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243891"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1666.json"
      }
    ],
    "title": "Red Hat Security Advisory: httpd24-httpd security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:18:24+00:00",
      "generator": {
        "date": "2026-05-14T22:18:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2015:1666",
      "initial_release_date": "2015-08-24T15:56:41+00:00",
      "revision_history": [
        {
          "date": "2015-08-24T15:56:41+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-08-24T15:56:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:18:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
                  "product_id": "7Server-RHSCL-2.0-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
                  "product_id": "6Server-RHSCL-2.0-6.6.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-RHSCL-2.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
                "product": {
                  "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
                  "product_id": "6Server-RHSCL-2.0-6.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Software Collections"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.12-6.el7.1?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.12-6.el7.1?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
                "product": {
                  "name": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
                  "product_id": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.12-6.el7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.12-4.el6.2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.12-4.el6.2?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
                "product": {
                  "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
                  "product_id": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.12-4.el6.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd24-httpd-0:2.4.12-6.el7.1.src",
                "product": {
                  "name": "httpd24-httpd-0:2.4.12-6.el7.1.src",
                  "product_id": "httpd24-httpd-0:2.4.12-6.el7.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.12-6.el7.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-0:2.4.12-4.el6.2.src",
                "product": {
                  "name": "httpd24-httpd-0:2.4.12-4.el6.2.src",
                  "product_id": "httpd24-httpd-0:2.4.12-4.el6.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd@2.4.12-4.el6.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
                "product": {
                  "name": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
                  "product_id": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.12-6.el7.1?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
                "product": {
                  "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
                  "product_id": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.12-4.el6.2?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.5)",
          "product_id": "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
          "product_id": "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0-6.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.src",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.src",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
        "relates_to_product_reference": "6Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.src",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
          "product_id": "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.src",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Server-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.src",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch"
        },
        "product_reference": "httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        },
        "product_reference": "httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
        "relates_to_product_reference": "7Workstation-RHSCL-2.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-0228",
      "discovery_date": "2015-02-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1202988"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the mod_lua httpd module processed certain WebSocket Ping requests. A remote attacker could send a specially crafted WebSocket Ping packet that would cause the httpd child process to crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: Possible mod_lua crash due to websocket bug",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the version of httpd package as shipped with Red Hat Enterprise Linux 5, 6 and 7.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0228"
        },
        {
          "category": "external",
          "summary": "RHBZ#1202988",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202988"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0228",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0228"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0228",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0228"
        },
        {
          "category": "external",
          "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16",
          "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16"
        }
      ],
      "release_date": "2015-03-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T15:56:41+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1666"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: Possible mod_lua crash due to websocket bug"
    },
    {
      "cve": "CVE-2015-0253",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A NULL pointer dereference flaw was found in the way httpd generated certain error responses. A remote attacker could possibly use this flaw to crash the httpd child process using a request that triggers a certain HTTP error.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 4, 5, 6, and 7; JBoss Enterprise Web Server 1 and 2; JBoss Web Server 3; and JBoss Enterprise Application Platform 6.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0253"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0253",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0253"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0253",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0253"
        },
        {
          "category": "external",
          "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16",
          "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T15:56:41+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1666"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: NULL pointer dereference crash with ErrorDocument 400 pointing to a local URL-path"
    },
    {
      "cve": "CVE-2015-3183",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request smuggling attack against chunked request parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T15:56:41+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1666"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: HTTP request smuggling attack against chunked request parser"
    },
    {
      "cve": "CVE-2015-3185",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243888"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
          "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
          "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
          "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
          "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
          "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
          "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243888",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16",
          "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T15:56:41+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1666"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.5.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0-6.6.Z:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.src",
            "6Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-4.el6.2.noarch",
            "6Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-4.el6.2.x86_64",
            "6Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-4.el6.2.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0-7.1.Z:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Server-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Server-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Server-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.src",
            "7Workstation-RHSCL-2.0:httpd24-httpd-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-debuginfo-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-devel-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-httpd-manual-0:2.4.12-6.el7.1.noarch",
            "7Workstation-RHSCL-2.0:httpd24-httpd-tools-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ldap-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_proxy_html-1:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_session-0:2.4.12-6.el7.1.x86_64",
            "7Workstation-RHSCL-2.0:httpd24-mod_ssl-1:2.4.12-6.el7.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4"
    }
  ]
}

RHSA-2015:1667

Vulnerability from csaf_redhat - Published: 2015-08-24 18:25 - Updated: 2026-05-14 22:18

Summary

Red Hat Security Advisory: httpd security update

Severity

Moderate

Notes

Topic: Updated httpd packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

CVE-2015-3183

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-172 - Encoding Error

Affected products

Fixed 176 products

Product	Version	Remediation
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-3185

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-287 - Improper Authentication

Affected products

Fixed 176 products

Product	Version	Remediation
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

14 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:1667	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243888	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-3183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://www.cve.org/CVERecord?id=CVE-2015-3183	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3183	external
https://access.redhat.com/security/cve/CVE-2015-3185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243888	external
https://www.cve.org/CVERecord?id=CVE-2015-3185	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3185	external
http://httpd.apache.org/security/vulnerabilities_…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated httpd packages that fix two security issues are now available for\nRed Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient,\nand extensible web server.\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3183)\n\nIt was discovered that in httpd 2.4, the internal API function\nap_some_auth_required() could incorrectly indicate that a request was\nauthenticated even when no authentication was used. An httpd module using\nthis API function could consequently allow access that should have been\ndenied. (CVE-2015-3185)\n\nAll httpd users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the httpd service will be restarted automatically.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1667",
        "url": "https://access.redhat.com/errata/RHSA-2015:1667"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1243887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
      },
      {
        "category": "external",
        "summary": "1243888",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1667.json"
      }
    ],
    "title": "Red Hat Security Advisory: httpd security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:18:25+00:00",
      "generator": {
        "date": "2026-05-14T22:18:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2015:1667",
      "initial_release_date": "2015-08-24T18:25:52+00:00",
      "revision_history": [
        {
          "date": "2015-08-24T18:25:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-08-24T18:25:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:18:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-LE-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-LE-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                  "product_id": "7ComputeNode-optional-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.1.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-31.ael7b_1.1?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.6-31.ael7b_1.1?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
                "product": {
                  "name": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_id": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.6-31.ael7b_1.1?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.ael7b_1.1.src",
                "product": {
                  "name": "httpd-0:2.4.6-31.ael7b_1.1.src",
                  "product_id": "httpd-0:2.4.6-31.ael7b_1.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.ael7b_1.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.el7_1.1.src",
                "product": {
                  "name": "httpd-0:2.4.6-31.el7_1.1.src",
                  "product_id": "httpd-0:2.4.6-31.el7_1.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.el7_1.1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
                "product": {
                  "name": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
                  "product_id": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.4.6-31.ael7b_1.1?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
                "product": {
                  "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
                  "product_id": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.4.6-31.el7_1.1?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-31.el7_1.1?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "httpd-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "httpd-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.6-31.el7_1.1?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
                "product": {
                  "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
                  "product_id": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.6-31.el7_1.1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "httpd-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "httpd-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.6-31.el7_1.1?arch=ppc64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-31.el7_1.1?arch=ppc64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
                "product": {
                  "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
                  "product_id": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.6-31.el7_1.1?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "httpd-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "httpd-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
                  "product_id": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.4.6-31.el7_1.1?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session-0:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "mod_session-0:2.4.6-31.el7_1.1.s390x",
                  "product_id": "mod_session-0:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session@2.4.6-31.el7_1.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
                "product": {
                  "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
                  "product_id": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-31.el7_1.1?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Client-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7ComputeNode-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.ael7b_1.1.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.ael7b_1.1.src",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Server-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.ael7b_1.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.ael7b_1.1.src",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
        "relates_to_product_reference": "7Server-optional-LE-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.src",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.4.6-31.el7_1.1.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch"
        },
        "product_reference": "httpd-manual-0:2.4.6-31.el7_1.1.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session-0:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_session-0:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        },
        "product_reference": "mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.1.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-3183",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request smuggling attack against chunked request parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
          "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
          "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
          "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
          "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T18:25:52+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1667"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: HTTP request smuggling attack against chunked request parser"
    },
    {
      "cve": "CVE-2015-3185",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243888"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that in httpd 2.4, the internal API function ap_some_auth_required() could incorrectly indicate that a request was authenticated even when no authentication was used. An httpd module using this API function could consequently allow access that should have been denied.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
          "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
          "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
          "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
          "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
          "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
          "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
          "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243888",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243888"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3185"
        },
        {
          "category": "external",
          "summary": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16",
          "url": "http://httpd.apache.org/security/vulnerabilities_24.html#2.4.16"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T18:25:52+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1667"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Client-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Client-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7ComputeNode-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7ComputeNode-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Server-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Server-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-0:2.4.6-31.ael7b_1.1.src",
            "7Server-optional-LE-7.1.Z:httpd-debuginfo-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-devel-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:httpd-manual-0:2.4.6-31.ael7b_1.1.noarch",
            "7Server-optional-LE-7.1.Z:httpd-tools-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ldap-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_proxy_html-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_session-0:2.4.6-31.ael7b_1.1.ppc64le",
            "7Server-optional-LE-7.1.Z:mod_ssl-1:2.4.6-31.ael7b_1.1.ppc64le",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.src",
            "7Workstation-optional-7.1.Z:httpd-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-debuginfo-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-devel-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:httpd-manual-0:2.4.6-31.el7_1.1.noarch",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:httpd-tools-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ldap-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_proxy_html-1:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_session-0:2.4.6-31.el7_1.1.x86_64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.ppc64",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.s390x",
            "7Workstation-optional-7.1.Z:mod_ssl-1:2.4.6-31.el7_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: ap_some_auth_required() does not properly indicate authenticated request in 2.4"
    }
  ]
}

RHSA-2015:1668

Vulnerability from csaf_redhat - Published: 2015-08-24 15:37 - Updated: 2026-05-14 22:18

Summary

Red Hat Security Advisory: httpd security update

Severity

Moderate

Notes

Topic: Updated httpd packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

CVE-2015-3183

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-172 - Encoding Error

Affected products

Fixed 156 products

Product	Version	Remediation
Unresolved product id: 6Client-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

8 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:1668	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-3183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://www.cve.org/CVERecord?id=CVE-2015-3183	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3183	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated httpd packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient,\nand extensible web server.\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could use\nthese flaws to create a specially crafted request, which httpd would decode\ndifferently from an HTTP proxy software in front of it, possibly leading to\nHTTP request smuggling attacks. (CVE-2015-3183)\n\nAll httpd users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the httpd service will be restarted automatically.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1668",
        "url": "https://access.redhat.com/errata/RHSA-2015:1668"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1243887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1668.json"
      }
    ],
    "title": "Red Hat Security Advisory: httpd security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:18:24+00:00",
      "generator": {
        "date": "2026-05-14T22:18:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2015:1668",
      "initial_release_date": "2015-08-24T15:37:28+00:00",
      "revision_history": [
        {
          "date": "2015-08-24T15:37:28+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-08-24T15:37:28+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:18:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                  "product_id": "6ComputeNode-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.7.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-0:2.2.15-47.el6_7.src",
                "product": {
                  "name": "httpd-0:2.2.15-47.el6_7.src",
                  "product_id": "httpd-0:2.2.15-47.el6_7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.2.15-47.el6_7.i686",
                "product": {
                  "name": "httpd-tools-0:2.2.15-47.el6_7.i686",
                  "product_id": "httpd-tools-0:2.2.15-47.el6_7.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.15-47.el6_7.i686",
                "product": {
                  "name": "httpd-0:2.2.15-47.el6_7.i686",
                  "product_id": "httpd-0:2.2.15-47.el6_7.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.i686",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.i686",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.15-47.el6_7.i686",
                "product": {
                  "name": "mod_ssl-1:2.2.15-47.el6_7.i686",
                  "product_id": "mod_ssl-1:2.2.15-47.el6_7.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.15-47.el6_7.x86_64",
                "product": {
                  "name": "httpd-0:2.2.15-47.el6_7.x86_64",
                  "product_id": "httpd-0:2.2.15-47.el6_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
                "product": {
                  "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
                  "product_id": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
                "product": {
                  "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
                  "product_id": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-manual-0:2.2.15-47.el6_7.noarch",
                "product": {
                  "name": "httpd-manual-0:2.2.15-47.el6_7.noarch",
                  "product_id": "httpd-manual-0:2.2.15-47.el6_7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-manual@2.2.15-47.el6_7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.2.15-47.el6_7.s390x",
                "product": {
                  "name": "httpd-tools-0:2.2.15-47.el6_7.s390x",
                  "product_id": "httpd-tools-0:2.2.15-47.el6_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.s390x",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.s390x",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.15-47.el6_7.s390x",
                "product": {
                  "name": "mod_ssl-1:2.2.15-47.el6_7.s390x",
                  "product_id": "mod_ssl-1:2.2.15-47.el6_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.15-47.el6_7.s390x",
                "product": {
                  "name": "httpd-0:2.2.15-47.el6_7.s390x",
                  "product_id": "httpd-0:2.2.15-47.el6_7.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.s390",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.s390",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
                "product": {
                  "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
                  "product_id": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7?arch=ppc64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
                "product": {
                  "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
                  "product_id": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-0:2.2.15-47.el6_7.ppc64",
                "product": {
                  "name": "httpd-0:2.2.15-47.el6_7.ppc64",
                  "product_id": "httpd-0:2.2.15-47.el6_7.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "httpd-devel-0:2.2.15-47.el6_7.ppc",
                "product": {
                  "name": "httpd-devel-0:2.2.15-47.el6_7.ppc",
                  "product_id": "httpd-devel-0:2.2.15-47.el6_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
                "product": {
                  "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
                  "product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Client-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Server-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.src"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.src",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-devel-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-devel-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-manual-0:2.2.15-47.el6_7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch"
        },
        "product_reference": "httpd-manual-0:2.2.15-47.el6_7.noarch",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd-tools-0:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "httpd-tools-0:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.i686",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.ppc64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.s390x",
        "relates_to_product_reference": "6Workstation-6.7.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl-1:2.2.15-47.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        },
        "product_reference": "mod_ssl-1:2.2.15-47.el6_7.x86_64",
        "relates_to_product_reference": "6Workstation-6.7.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-3183",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request smuggling attack against chunked request parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6Client-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
          "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6Client-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
          "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6Server-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
          "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
          "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
          "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
          "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.src",
          "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
          "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
          "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
          "6Workstation-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
          "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
          "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
          "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
          "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
          "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
          "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
          "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
          "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-24T15:37:28+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1668"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Client-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Client-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Client-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Client-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6ComputeNode-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6ComputeNode-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6ComputeNode-optional-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6ComputeNode-optional-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Server-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Server-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.src",
            "6Workstation-6.7.z:httpd-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-debuginfo-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-devel-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:httpd-manual-0:2.2.15-47.el6_7.noarch",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:httpd-tools-0:2.2.15-47.el6_7.x86_64",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.i686",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.ppc64",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.s390x",
            "6Workstation-6.7.z:mod_ssl-1:2.2.15-47.el6_7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: HTTP request smuggling attack against chunked request parser"
    }
  ]
}

RHSA-2015:2659

Vulnerability from csaf_redhat - Published: 2015-12-16 18:19 - Updated: 2026-05-14 22:18

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.2 security update

Severity

Moderate

Notes

Topic: Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server. (CVE-2014-0230) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * This enhancement update adds the Red Hat JBoss Web Server 3.0.2 packages to Red Hat Enterprise Linux 6. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server. (JIRA#JWS-228) Users of Red Hat JBoss Web Server are advised to upgrade to these updated packages, which add this enhancement.

CVE-2013-5704

A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers.

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-287 - Improper Authentication

Affected products

Fixed 55 products

Product	Version	Remediation
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2014-0230

It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 55 products

Product	Version	Remediation
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2014-3581

A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled.

2.6 ()


                        
                          AV:N/AC:H/Au:N/C:N/I:N/A:P

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 55 products

Product	Version	Remediation
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2015-3183

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-172 - Encoding Error

Affected products

Fixed 55 products

Product	Version	Remediation
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-5174

A directory traversal flaw was found in Tomcat's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Fixed 55 products

Product	Version	Remediation
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix
Unresolved product id: 6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch	—	Vendor Fix fix

Threats

Impact Low

References

34 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:2659	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1082903	external
https://bugzilla.redhat.com/show_bug.cgi?id=1191200	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://bugzilla.redhat.com/show_bug.cgi?id=1263879	external
https://issues.redhat.com/browse/JWS-219	external
https://issues.redhat.com/browse/JWS-220	external
https://issues.redhat.com/browse/JWS-228	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2013-5704	self
https://bugzilla.redhat.com/show_bug.cgi?id=1082903	external
https://www.cve.org/CVERecord?id=CVE-2013-5704	external
https://nvd.nist.gov/vuln/detail/CVE-2013-5704	external
https://access.redhat.com/security/cve/CVE-2014-0230	self
https://bugzilla.redhat.com/show_bug.cgi?id=1191200	external
https://www.cve.org/CVERecord?id=CVE-2014-0230	external
https://nvd.nist.gov/vuln/detail/CVE-2014-0230	external
http://tomcat.apache.org/security-6.html#Fixed_in…	external
http://tomcat.apache.org/security-7.html#Fixed_in…	external
http://tomcat.apache.org/security-8.html#Fixed_in…	external
https://access.redhat.com/security/cve/CVE-2014-3581	self
https://bugzilla.redhat.com/show_bug.cgi?id=1149709	external
https://www.cve.org/CVERecord?id=CVE-2014-3581	external
https://nvd.nist.gov/vuln/detail/CVE-2014-3581	external
https://access.redhat.com/security/cve/CVE-2015-3183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://www.cve.org/CVERecord?id=CVE-2015-3183	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3183	external
https://access.redhat.com/security/cve/CVE-2015-5174	self
https://bugzilla.redhat.com/show_bug.cgi?id=1265698	external
https://www.cve.org/CVERecord?id=CVE-2015-5174	external
https://nvd.nist.gov/vuln/detail/CVE-2015-5174	external
http://seclists.org/bugtraq/2016/Feb/149	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red\nHat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat\nConnector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and\nthe Tomcat Native library.\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections\nand prevent further, legitimate connections to the Tomcat server.\n(CVE-2014-0230)\n\nA flaw was found in the way httpd handled HTTP Trailer headers when\nprocessing requests using chunked encoding. A malicious client could\nuse Trailer headers to set additional HTTP headers after header\nprocessing was performed by other modules. This could, for example,\nlead to a bypass of header restrictions defined with mod_headers.\n(CVE-2013-5704)\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could\nuse these flaws to create a specially crafted request, which httpd\nwould decode differently from an HTTP proxy software in front of it,\npossibly leading to HTTP request smuggling attacks. (CVE-2015-3183)\n\n* This enhancement update adds the Red Hat JBoss Web Server 3.0.2\npackages to Red Hat Enterprise Linux 6. These packages provide a\nnumber of enhancements over the previous version of Red Hat JBoss Web\nServer. (JIRA#JWS-228)\n\nUsers of Red Hat JBoss Web Server are advised to upgrade to these\nupdated packages, which add this enhancement.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:2659",
        "url": "https://access.redhat.com/errata/RHSA-2015:2659"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1082903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903"
      },
      {
        "category": "external",
        "summary": "1191200",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
      },
      {
        "category": "external",
        "summary": "1243887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
      },
      {
        "category": "external",
        "summary": "1263879",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263879"
      },
      {
        "category": "external",
        "summary": "JWS-219",
        "url": "https://issues.redhat.com/browse/JWS-219"
      },
      {
        "category": "external",
        "summary": "JWS-220",
        "url": "https://issues.redhat.com/browse/JWS-220"
      },
      {
        "category": "external",
        "summary": "JWS-228",
        "url": "https://issues.redhat.com/browse/JWS-228"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2659.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.2 security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:18:35+00:00",
      "generator": {
        "date": "2026-05-14T22:18:35+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2015:2659",
      "initial_release_date": "2015-12-16T18:19:59+00:00",
      "revision_history": [
        {
          "date": "2015-12-16T18:19:59+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-12-16T18:20:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:18:35+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.0 for RHEL 6",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.0 for RHEL 6",
                  "product_id": "6Server-JWS-3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.0::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                "product": {
                  "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                  "product_id": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native@1.3.1-6.Final_redhat_2.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                "product": {
                  "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                  "product_id": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.3.1-6.Final_redhat_2.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
                "product": {
                  "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
                  "product_id": "mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx@0.9.5-7.GA.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
                "product": {
                  "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
                  "product_id": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx-debuginfo@0.9.5-7.GA.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-tools@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session24-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "mod_session24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "mod_session24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session24@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl24@2.4.6-59.ep7.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-debuginfo@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap24@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "httpd24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "httpd24-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy24_html@2.4.6-59.ep7.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
                "product": {
                  "name": "httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
                  "product_id": "httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-devel@2.4.6-59.ep7.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                "product": {
                  "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                  "product_id": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.3.1-6.Final_redhat_2.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                "product": {
                  "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                  "product_id": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native@1.3.1-6.Final_redhat_2.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
                "product": {
                  "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
                  "product_id": "mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx@0.9.5-7.GA.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
                "product": {
                  "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
                  "product_id": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx-debuginfo@0.9.5-7.GA.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl24-1:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "mod_ssl24-1:2.4.6-59.ep7.el6.i686",
                  "product_id": "mod_ssl24-1:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl24@2.4.6-59.ep7.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session24-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "mod_session24-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "mod_session24-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session24@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-debuginfo@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-tools-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "httpd24-tools-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "httpd24-tools-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-tools@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
                  "product_id": "mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy24_html@2.4.6-59.ep7.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-devel-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "httpd24-devel-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "httpd24-devel-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-devel@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap24-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "mod_ldap24-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "mod_ldap24-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap24@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-0:2.4.6-59.ep7.el6.i686",
                "product": {
                  "name": "httpd24-0:2.4.6-59.ep7.el6.i686",
                  "product_id": "httpd24-0:2.4.6-59.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24@2.4.6-59.ep7.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
                "product": {
                  "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
                  "product_id": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native@1.3.1-6.Final_redhat_2.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
                "product": {
                  "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
                  "product_id": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-vault@1.0.8-4.Final_redhat_4.1.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
                "product": {
                  "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
                  "product_id": "mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx@0.9.5-7.GA.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-0:2.4.6-59.ep7.el6.src",
                "product": {
                  "name": "httpd24-0:2.4.6-59.ep7.el6.src",
                  "product_id": "httpd24-0:2.4.6-59.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24@2.4.6-59.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
                  "product_id": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.59-42_patch_01.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
                "product": {
                  "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
                  "product_id": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.18-52_patch_01.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
                "product": {
                  "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
                  "product_id": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-eap6@3.2.1-18.redhat_7.1.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
                "product": {
                  "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_id": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-vault@1.0.8-4.Final_redhat_4.1.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
                "product": {
                  "name": "httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
                  "product_id": "httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-manual@2.4.6-59.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.59-42_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.18-52_patch_01.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                "product": {
                  "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                  "product_id": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-tomcat-eap6@3.2.1-18.redhat_7.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                "product": {
                  "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                  "product_id": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-eap6@3.2.1-18.redhat_7.1.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch"
        },
        "product_reference": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src"
        },
        "product_reference": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch"
        },
        "product_reference": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "httpd24-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-0:2.4.6-59.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src"
        },
        "product_reference": "httpd24-0:2.4.6-59.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "httpd24-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-devel-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "httpd24-devel-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-devel-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-manual-0:2.4.6-59.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch"
        },
        "product_reference": "httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-tools-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "httpd24-tools-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-tools-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686"
        },
        "product_reference": "mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src"
        },
        "product_reference": "mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64"
        },
        "product_reference": "mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686"
        },
        "product_reference": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64"
        },
        "product_reference": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686"
        },
        "product_reference": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src"
        },
        "product_reference": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64"
        },
        "product_reference": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686"
        },
        "product_reference": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64"
        },
        "product_reference": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap24-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "mod_ldap24-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap24-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session24-0:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "mod_session24-0:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session24-0:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "mod_session24-0:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl24-1:2.4.6-59.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686"
        },
        "product_reference": "mod_ssl24-1:2.4.6-59.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl24-1:2.4.6-59.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64"
        },
        "product_reference": "mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch"
        },
        "product_reference": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src"
        },
        "product_reference": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src"
        },
        "product_reference": "tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 6",
          "product_id": "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-5704",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2014-03-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1082903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: bypass of mod_headers rules via chunked requests",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of the httpd package as shipped with Red Hat JBoss Enterprise Application Platform 6; and Red Hat JBoss Web Server 2. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nRed Hat Certificate System does not use the mod_headers module, even when installed, and is thus not affected by this flaw.\n\nRed Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat JBoss Enterprise Application Platform 5 and Red Hat JBoss Web Server 1 are now in Phase 3, Extended Life Support, of their respective life cycles. This issue has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat JBoss Middleware and Red Hat JBoss Operations Network Product Update and Support Policy: https://access.redhat.com/support/policy/updates/jboss_notes/",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
          "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-5704"
        },
        {
          "category": "external",
          "summary": "RHBZ#1082903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5704",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-5704"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5704",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5704"
        }
      ],
      "release_date": "2013-10-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: bypass of mod_headers rules via chunked requests"
    },
    {
      "cve": "CVE-2014-0230",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2015-02-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1191200"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
          "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "RHBZ#1191200",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
          "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
          "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
          "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
        }
      ],
      "release_date": "2014-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
    },
    {
      "cve": "CVE-2014-3581",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2014-10-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1149709"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: NULL pointer dereference in mod_cache if Content-Type has empty value",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 5 and 6, JBoss Enterprise Web Server 1 and 2, and JBoss Application Platform 6.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
          "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3581"
        },
        {
          "category": "external",
          "summary": "RHBZ#1149709",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149709"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3581",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3581"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581"
        }
      ],
      "release_date": "2014-09-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: NULL pointer dereference in mod_cache if Content-Type has empty value"
    },
    {
      "cve": "CVE-2015-3183",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request smuggling attack against chunked request parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
          "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: HTTP request smuggling attack against chunked request parser"
    },
    {
      "cve": "CVE-2015-5174",
      "discovery_date": "2015-08-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1265698"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A directory traversal flaw was found in Tomcat\u0027s RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a \u0027/..\u0027 in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: URL Normalization issue",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
          "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
          "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
          "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
          "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
          "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
          "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
          "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
          "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
          "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "RHBZ#1265698",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5174",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "http://seclists.org/bugtraq/2016/Feb/149",
          "url": "http://seclists.org/bugtraq/2016/Feb/149"
        }
      ],
      "release_date": "2016-02-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:59+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2659"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.src",
            "6Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el6.noarch",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.src",
            "6Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el6.noarch",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.src",
            "6Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.i686",
            "6Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.src",
            "6Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.i686",
            "6Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.i686",
            "6Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el6.x86_64",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el6.src",
            "6Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el6.noarch",
            "6Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "tomcat: URL Normalization issue"
    }
  ]
}

RHSA-2015:2660

Vulnerability from csaf_redhat - Published: 2015-12-16 18:19 - Updated: 2026-05-14 22:18

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.2 security update

Severity

Moderate

Notes

Topic: Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server. (CVE-2014-0230) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) * This enhancement update adds the Red Hat JBoss Web Server 3.0.2 packages to Red Hat Enterprise Linux 7. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server. (JIRA#JWS-229) Users of Red Hat JBoss Web Server are advised to upgrade to these updated packages, which add this enhancement.

CVE-2013-5704

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-287 - Improper Authentication

Affected products

Fixed 43 products

Product	Version	Remediation
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2014-0230

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 43 products

Product	Version	Remediation
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2014-3581

2.6 ()


                        
                          AV:N/AC:H/Au:N/C:N/I:N/A:P

CWE-476 - NULL Pointer Dereference

Affected products

Fixed 43 products

Product	Version	Remediation
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2015-3183

3.7 (Low)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-172 - Encoding Error

Affected products

Fixed 43 products

Product	Version	Remediation
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-5174

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Fixed 43 products

Product	Version	Remediation
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

References

34 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:2660	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1082903	external
https://bugzilla.redhat.com/show_bug.cgi?id=1191200	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://bugzilla.redhat.com/show_bug.cgi?id=1263884	external
https://issues.redhat.com/browse/JWS-219	external
https://issues.redhat.com/browse/JWS-220	external
https://issues.redhat.com/browse/JWS-229	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2013-5704	self
https://bugzilla.redhat.com/show_bug.cgi?id=1082903	external
https://www.cve.org/CVERecord?id=CVE-2013-5704	external
https://nvd.nist.gov/vuln/detail/CVE-2013-5704	external
https://access.redhat.com/security/cve/CVE-2014-0230	self
https://bugzilla.redhat.com/show_bug.cgi?id=1191200	external
https://www.cve.org/CVERecord?id=CVE-2014-0230	external
https://nvd.nist.gov/vuln/detail/CVE-2014-0230	external
http://tomcat.apache.org/security-6.html#Fixed_in…	external
http://tomcat.apache.org/security-7.html#Fixed_in…	external
http://tomcat.apache.org/security-8.html#Fixed_in…	external
https://access.redhat.com/security/cve/CVE-2014-3581	self
https://bugzilla.redhat.com/show_bug.cgi?id=1149709	external
https://www.cve.org/CVERecord?id=CVE-2014-3581	external
https://nvd.nist.gov/vuln/detail/CVE-2014-3581	external
https://access.redhat.com/security/cve/CVE-2015-3183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243887	external
https://www.cve.org/CVERecord?id=CVE-2015-3183	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3183	external
https://access.redhat.com/security/cve/CVE-2015-5174	self
https://bugzilla.redhat.com/show_bug.cgi?id=1265698	external
https://www.cve.org/CVERecord?id=CVE-2015-5174	external
https://nvd.nist.gov/vuln/detail/CVE-2015-5174	external
http://seclists.org/bugtraq/2016/Feb/149	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated Red Hat JBoss Web Server 3.0.2 packages are now available for Red\nHat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the\nApache HTTP Server, the Apache Tomcat Servlet container, Apache\nTomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster),\nHibernate, and the Tomcat Native library.\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections\nand prevent further, legitimate connections to the Tomcat server.\n(CVE-2014-0230)\n\nA flaw was found in the way httpd handled HTTP Trailer headers when\nprocessing requests using chunked encoding. A malicious client could\nuse Trailer headers to set additional HTTP headers after header\nprocessing was performed by other modules. This could, for example,\nlead to a bypass of header restrictions defined with mod_headers.\n(CVE-2013-5704)\n\nMultiple flaws were found in the way httpd parsed HTTP requests and\nresponses using chunked transfer encoding. A remote attacker could\nuse these flaws to create a specially crafted request, which httpd\nwould decode differently from an HTTP proxy software in front of it,\npossibly leading to HTTP request smuggling attacks. (CVE-2015-3183)\n\n* This enhancement update adds the Red Hat JBoss Web Server 3.0.2\npackages to Red Hat Enterprise Linux 7. These packages provide a\nnumber of enhancements over the previous version of Red Hat JBoss Web\nServer. (JIRA#JWS-229)\n\nUsers of Red Hat JBoss Web Server are advised to upgrade to these\nupdated packages, which add this enhancement.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:2660",
        "url": "https://access.redhat.com/errata/RHSA-2015:2660"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1082903",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903"
      },
      {
        "category": "external",
        "summary": "1191200",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
      },
      {
        "category": "external",
        "summary": "1243887",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
      },
      {
        "category": "external",
        "summary": "1263884",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1263884"
      },
      {
        "category": "external",
        "summary": "JWS-219",
        "url": "https://issues.redhat.com/browse/JWS-219"
      },
      {
        "category": "external",
        "summary": "JWS-220",
        "url": "https://issues.redhat.com/browse/JWS-220"
      },
      {
        "category": "external",
        "summary": "JWS-229",
        "url": "https://issues.redhat.com/browse/JWS-229"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2660.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.0.2 security update",
    "tracking": {
      "current_release_date": "2026-05-14T22:18:36+00:00",
      "generator": {
        "date": "2026-05-14T22:18:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHSA-2015:2660",
      "initial_release_date": "2015-12-16T18:19:47+00:00",
      "revision_history": [
        {
          "date": "2015-12-16T18:19:47+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2015-12-16T18:19:47+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T22:18:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.0 for RHEL 7",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.0 for RHEL 7",
                  "product_id": "7Server-JWS-3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.0::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                "product": {
                  "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                  "product_id": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native@1.3.1-6.Final_redhat_2.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                "product": {
                  "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                  "product_id": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native-debuginfo@1.3.1-6.Final_redhat_2.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
                "product": {
                  "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
                  "product_id": "mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx@0.9.5-7.GA.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
                "product": {
                  "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
                  "product_id": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx-debuginfo@0.9.5-7.GA.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_proxy24_html@2.4.6-59.ep7.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-debuginfo@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-devel@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_session24-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "mod_session24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "mod_session24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_session24@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "httpd24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "httpd24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ssl24@2.4.6-59.ep7.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-tools@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
                "product": {
                  "name": "mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_id": "mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_ldap24@2.4.6-59.ep7.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
                "product": {
                  "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
                  "product_id": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_cluster-native@1.3.1-6.Final_redhat_2.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
                "product": {
                  "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
                  "product_id": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-vault@1.0.8-4.Final_redhat_4.1.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
                "product": {
                  "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
                  "product_id": "mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/mod_bmx@0.9.5-7.GA.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-0:2.4.6-59.ep7.el7.src",
                "product": {
                  "name": "httpd24-0:2.4.6-59.ep7.el7.src",
                  "product_id": "httpd24-0:2.4.6-59.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24@2.4.6-59.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
                  "product_id": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.59-42_patch_01.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
                "product": {
                  "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
                  "product_id": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.18-52_patch_01.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
                "product": {
                  "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
                  "product_id": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-eap6@3.2.1-18.redhat_7.1.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
                "product": {
                  "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
                  "product_id": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-vault@1.0.8-4.Final_redhat_4.1.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
                "product": {
                  "name": "httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
                  "product_id": "httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/httpd24-manual@2.4.6-59.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.59-42_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.18-52_patch_01.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                "product": {
                  "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                  "product_id": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-tomcat-eap6@3.2.1-18.redhat_7.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                "product": {
                  "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                  "product_id": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-commons-collections-eap6@3.2.1-18.redhat_7.1.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch"
        },
        "product_reference": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src"
        },
        "product_reference": "apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch"
        },
        "product_reference": "apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-0:2.4.6-59.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src"
        },
        "product_reference": "httpd24-0:2.4.6-59.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "httpd24-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-devel-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-manual-0:2.4.6-59.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch"
        },
        "product_reference": "httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "httpd24-tools-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src"
        },
        "product_reference": "mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64"
        },
        "product_reference": "mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64"
        },
        "product_reference": "mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src"
        },
        "product_reference": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64"
        },
        "product_reference": "mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64"
        },
        "product_reference": "mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ldap24-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_session24-0:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "mod_session24-0:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mod_ssl24-1:2.4.6-59.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64"
        },
        "product_reference": "mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch"
        },
        "product_reference": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src"
        },
        "product_reference": "tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.src as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src"
        },
        "product_reference": "tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.0 for RHEL 7",
          "product_id": "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2013-5704",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2014-03-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1082903"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: bypass of mod_headers rules via chunked requests",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of the httpd package as shipped with Red Hat JBoss Enterprise Application Platform 6; and Red Hat JBoss Web Server 2. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nRed Hat Certificate System does not use the mod_headers module, even when installed, and is thus not affected by this flaw.\n\nRed Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat JBoss Enterprise Application Platform 5 and Red Hat JBoss Web Server 1 are now in Phase 3, Extended Life Support, of their respective life cycles. This issue has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat JBoss Middleware and Red Hat JBoss Operations Network Product Update and Support Policy: https://access.redhat.com/support/policy/updates/jboss_notes/",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
          "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
          "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-5704"
        },
        {
          "category": "external",
          "summary": "RHBZ#1082903",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5704",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-5704"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5704",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5704"
        }
      ],
      "release_date": "2013-10-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:47+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: bypass of mod_headers rules via chunked requests"
    },
    {
      "cve": "CVE-2014-0230",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2015-02-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1191200"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
          "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
          "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "RHBZ#1191200",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44",
          "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55",
          "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55"
        },
        {
          "category": "external",
          "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9",
          "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9"
        }
      ],
      "release_date": "2014-07-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:47+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload"
    },
    {
      "cve": "CVE-2014-3581",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2014-10-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1149709"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A NULL pointer dereference flaw was found in the way the mod_cache httpd module handled Content-Type headers. A malicious HTTP server could cause the httpd child process to crash when the Apache HTTP server was configured to proxy to a server with caching enabled.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: NULL pointer dereference in mod_cache if Content-Type has empty value",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 5 and 6, JBoss Enterprise Web Server 1 and 2, and JBoss Application Platform 6.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
          "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
          "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3581"
        },
        {
          "category": "external",
          "summary": "RHBZ#1149709",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149709"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3581",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3581"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3581"
        }
      ],
      "release_date": "2014-09-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:47+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "httpd: NULL pointer dereference in mod_cache if Content-Type has empty value"
    },
    {
      "cve": "CVE-2015-3183",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243887"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "httpd: HTTP request smuggling attack against chunked request parser",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
          "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
          "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243887",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3183"
        }
      ],
      "release_date": "2015-07-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:47+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "httpd: HTTP request smuggling attack against chunked request parser"
    },
    {
      "cve": "CVE-2015-5174",
      "discovery_date": "2015-08-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1265698"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A directory traversal flaw was found in Tomcat\u0027s RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a \u0027/..\u0027 in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: URL Normalization issue",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
          "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
          "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
          "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
          "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
          "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
          "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
          "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "RHBZ#1265698",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265698"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5174",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5174"
        },
        {
          "category": "external",
          "summary": "http://seclists.org/bugtraq/2016/Feb/149",
          "url": "http://seclists.org/bugtraq/2016/Feb/149"
        }
      ],
      "release_date": "2016-02-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-16T18:19:47+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2660"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.src",
            "7Server-JWS-3.0:apache-commons-collections-tomcat-eap6-0:3.2.1-18.redhat_7.1.ep6.el7.noarch",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.src",
            "7Server-JWS-3.0:httpd24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-debuginfo-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-devel-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:httpd24-manual-0:2.4.6-59.ep7.el7.noarch",
            "7Server-JWS-3.0:httpd24-tools-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.src",
            "7Server-JWS-3.0:mod_bmx-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_bmx-debuginfo-0:0.9.5-7.GA.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.src",
            "7Server-JWS-3.0:mod_cluster-native-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_cluster-native-debuginfo-0:1.3.1-6.Final_redhat_2.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ldap24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_proxy24_html-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_session24-0:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:mod_ssl24-1:2.4.6-59.ep7.el7.x86_64",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat-vault-0:1.0.8-4.Final_redhat_4.1.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-0:7.0.59-42_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat7-admin-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-docs-webapp-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-el-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-javadoc-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-jsp-2.2-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-lib-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-log4j-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-servlet-3.0-api-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat7-webapps-0:7.0.59-42_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-0:8.0.18-52_patch_01.ep7.el7.src",
            "7Server-JWS-3.0:tomcat8-admin-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-docs-webapp-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-el-2.2-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-javadoc-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-jsp-2.3-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-lib-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-log4j-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-servlet-3.1-api-0:8.0.18-52_patch_01.ep7.el7.noarch",
            "7Server-JWS-3.0:tomcat8-webapps-0:8.0.18-52_patch_01.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "tomcat: URL Normalization issue"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-3183 (GCVE-0-2015-3183)

Solution

Tags

Sightings

Nomenclature