Action not permitted
Modal body text goes here.
CVE-2020-1934
Vulnerability from cvelistv5
Published
2020-04-01 19:22
Modified
2024-08-04 06:54
Severity ?
EPSS score ?
Summary
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Apache | Apache HTTP Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[httpd-dev] 20200404 Odd vulnerabilities_24.html output",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:0597",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200413-0002/"
},
{
"name": "USN-4458-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4458-1/"
},
{
"name": "FEDORA-2020-189a1e6c3e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"
},
{
"name": "DSA-4757",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"name": "FEDORA-2020-0d3d3f5072",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "2.4.0 to 2.4.41"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "mod_proxy_ftp use of uninitialized value",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-09T10:06:16",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[httpd-dev] 20200404 Odd vulnerabilities_24.html output",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:0597",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200413-0002/"
},
{
"name": "USN-4458-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4458-1/"
},
{
"name": "FEDORA-2020-189a1e6c3e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"
},
{
"name": "DSA-4757",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"name": "FEDORA-2020-0d3d3f5072",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.4.0 to 2.4.41"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mod_proxy_ftp use of uninitialized value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[httpd-dev] 20200404 Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:0597",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "CONFIRM",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200413-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200413-0002/"
},
{
"name": "USN-4458-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4458-1/"
},
{
"name": "FEDORA-2020-189a1e6c3e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"
},
{
"name": "DSA-4757",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"name": "FEDORA-2020-0d3d3f5072",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-1934",
"datePublished": "2020-04-01T19:22:23",
"dateReserved": "2019-12-02T00:00:00",
"dateUpdated": "2024-08-04T06:54:00.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-1934\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2020-04-01T20:15:15.127\",\"lastModified\":\"2023-11-07T03:19:36.493\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.\"},{\"lang\":\"es\",\"value\":\"En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, mod_proxy_ftp puede usar memoria no inicializada cuando al enviar un proxy hacia un servidor FTP malicioso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndIncluding\":\"2.4.41\",\"matchCriteriaId\":\"46C866A0-204C-4F7C-BDFB-5A74F32837F6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C57FD3A-0CC1-4BA9-879A-8C4A40234162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"698FB6D0-B26F-4760-9B9B-1C65FBFF2126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F1D64BC-17BF-4DAE-B5FC-BC41F9C12DFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB43DFD4-D058-4001-BD19-488E059F4532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E2E5C-44EB-4C07-B298-C04189533996\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA77B994-3872-4059-854B-0974AA5593D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5682DAEB-3810-4541-833A-568C868BCE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9AED-F81D-4344-AD97-EEF19B6EA8C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8198E762-9AD9-452B-B1AF-516E52436B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.1\",\"versionEndIncluding\":\"17.3\",\"matchCriteriaId\":\"9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20200413-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4458-1/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4757\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2020_2644
Vulnerability from csaf_redhat
Published
2020-06-22 12:28
Modified
2024-11-15 08:32
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)
* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)
* libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)
* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)
* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)
* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)
* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)\n* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)\n* libxml2: There\u0027s a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)\n* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)\n* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)\n* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2644",
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "1788856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856"
},
{
"category": "external",
"summary": "1799734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734"
},
{
"category": "external",
"summary": "1799786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786"
},
{
"category": "external",
"summary": "1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "1844929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929"
},
{
"category": "external",
"summary": "JBCS-941",
"url": "https://issues.redhat.com/browse/JBCS-941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2644.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update",
"tracking": {
"current_release_date": "2024-11-15T08:32:01+00:00",
"generator": {
"date": "2024-11-15T08:32:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2644",
"initial_release_date": "2020-06-22T12:28:02+00:00",
"revision_history": [
{
"date": "2020-06-22T12:28:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-22T12:28:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T08:32:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-25.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-25.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-36.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-57.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-57.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-57.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-3.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-4.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-24.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-51.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-4.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-4.redhat_1.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-25.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"product_id": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-36.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-57.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-7.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-3.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-4.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-24.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-51.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-4.Final_redhat_2.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-57.jbcs.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-57.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20843",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1723723"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the \"setElementTypePrefix()\" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "When processing a specially crafted XML file, expat may use more memory than ultimately necessary, which can also lead to increased CPU usage and longer processing times. Depending on available system resources and configuration, this may also lead to the application triggering the Out-Of-Memory-Killer, causing the application to be terminated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20843"
},
{
"category": "external",
"summary": "RHBZ#1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843"
},
{
"category": "external",
"summary": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031"
}
],
"release_date": "2019-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-15903",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1752592"
}
],
"notes": [
{
"category": "description",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: heap-based buffer over-read via crafted XML input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "RHBZ#1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "expat: heap-based buffer over-read via crafted XML input"
},
{
"cve": "CVE-2019-19956",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788856"
}
],
"notes": [
{
"category": "description",
"text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19956"
},
{
"category": "external",
"summary": "RHBZ#1788856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956"
}
],
"release_date": "2020-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c"
},
{
"cve": "CVE-2019-20388",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1799734"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the xmlSchemaValidateStream function of libxml2. Applications that use this library may be vulnerable to memory not being freed leading to a denial of service. System availability is the highest threat from this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20388"
},
{
"category": "external",
"summary": "RHBZ#1799734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388"
}
],
"release_date": "2020-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c"
},
{
"cve": "CVE-2020-1934",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820772"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ftp use of uninitialized value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1934"
},
{
"category": "external",
"summary": "RHBZ#1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy_ftp use of uninitialized value"
},
{
"cve": "CVE-2020-7595",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1799786"
}
],
"notes": [
{
"category": "description",
"text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7595"
},
{
"category": "external",
"summary": "RHBZ#1799786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595"
}
],
"release_date": "2020-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2020-11080",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2020-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844929"
}
],
"notes": [
{
"category": "description",
"text": "A resource consumption vulnerability was found in nghttp2. This flaw allows an attacker to repeatedly construct an overly large HTTP/2 SETTINGS frame with a length of 14,400 bytes that causes excessive CPU usage, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: overly large SETTINGS frames can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11080"
},
{
"category": "external",
"summary": "RHBZ#1844929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11080",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T12:28:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2644"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: overly large SETTINGS frames can lead to DoS"
}
]
}
rhsa-2020_2646
Vulnerability from csaf_redhat
Published
2020-06-22 13:08
Modified
2024-11-15 08:32
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 zip release for RHEL 6, RHEL 7 and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)
* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)
* libxml2: There's a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)
* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)
* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)
* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)
* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 zip release for RHEL 6, RHEL 7 and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)\n* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n* nghttp2: overly large SETTINGS frames can lead to DoS (CVE-2020-11080)\n* libxml2: There\u0027s a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c that could result in a crash (CVE-2019-19956)\n* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)\n* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595)\n* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2646",
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.37",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.37"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "1788856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856"
},
{
"category": "external",
"summary": "1799734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734"
},
{
"category": "external",
"summary": "1799786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786"
},
{
"category": "external",
"summary": "1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "1844929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929"
},
{
"category": "external",
"summary": "JBCS-941",
"url": "https://issues.redhat.com/browse/JBCS-941"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2646.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update",
"tracking": {
"current_release_date": "2024-11-15T08:32:08+00:00",
"generator": {
"date": "2024-11-15T08:32:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2646",
"initial_release_date": "2020-06-22T13:08:26+00:00",
"revision_history": [
{
"date": "2020-06-22T13:08:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-22T13:08:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T08:32:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20843",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1723723"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the \"setElementTypePrefix()\" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "When processing a specially crafted XML file, expat may use more memory than ultimately necessary, which can also lead to increased CPU usage and longer processing times. Depending on available system resources and configuration, this may also lead to the application triggering the Out-Of-Memory-Killer, causing the application to be terminated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20843"
},
{
"category": "external",
"summary": "RHBZ#1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843"
},
{
"category": "external",
"summary": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031"
}
],
"release_date": "2019-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-15903",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1752592"
}
],
"notes": [
{
"category": "description",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: heap-based buffer over-read via crafted XML input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "RHBZ#1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "expat: heap-based buffer over-read via crafted XML input"
},
{
"cve": "CVE-2019-19956",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2020-01-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1788856"
}
],
"notes": [
{
"category": "description",
"text": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19956"
},
{
"category": "external",
"summary": "RHBZ#1788856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19956",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956"
}
],
"release_date": "2020-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c"
},
{
"cve": "CVE-2019-20388",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1799734"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the xmlSchemaValidateStream function of libxml2. Applications that use this library may be vulnerable to memory not being freed leading to a denial of service. System availability is the highest threat from this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20388"
},
{
"category": "external",
"summary": "RHBZ#1799734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20388",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20388"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388"
}
],
"release_date": "2020-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c"
},
{
"cve": "CVE-2020-1934",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820772"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ftp use of uninitialized value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1934"
},
{
"category": "external",
"summary": "RHBZ#1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy_ftp use of uninitialized value"
},
{
"cve": "CVE-2020-7595",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1799786"
}
],
"notes": [
{
"category": "description",
"text": "xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7595"
},
{
"category": "external",
"summary": "RHBZ#1799786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595"
}
],
"release_date": "2020-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2020-11080",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2020-06-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844929"
}
],
"notes": [
{
"category": "description",
"text": "A resource consumption vulnerability was found in nghttp2. This flaw allows an attacker to repeatedly construct an overly large HTTP/2 SETTINGS frame with a length of 14,400 bytes that causes excessive CPU usage, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nghttp2: overly large SETTINGS frames can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11080"
},
{
"category": "external",
"summary": "RHBZ#1844929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11080",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11080"
},
{
"category": "external",
"summary": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr",
"url": "https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-22T13:08:26+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2646"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nghttp2: overly large SETTINGS frames can lead to DoS"
}
]
}
rhsa-2020_4751
Vulnerability from csaf_redhat
Published
2020-11-04 01:44
Modified
2024-11-15 06:18
Summary
Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update
Notes
Topic
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
The following packages have been upgraded to a later upstream version: mod_http2 (1.15.7). (BZ#1814236)
Security Fix(es):
* httpd: memory corruption on early pushes (CVE-2019-10081)
* httpd: read-after-free in h2 connection shutdown (CVE-2019-10082)
* httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097)
* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)
* httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)
* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)
* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)
* httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092)
* httpd: mod_rewrite potential open redirect (CVE-2019-10098)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nThe following packages have been upgraded to a later upstream version: mod_http2 (1.15.7). (BZ#1814236)\n\nSecurity Fix(es):\n\n* httpd: memory corruption on early pushes (CVE-2019-10081)\n\n* httpd: read-after-free in h2 connection shutdown (CVE-2019-10082)\n\n* httpd: null-pointer dereference in mod_remoteip (CVE-2019-10097)\n\n* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)\n\n* httpd: mod_http2: DoS via slow, unneeded request bodies (CVE-2018-17189)\n\n* httpd: mod_http2: read-after-free on a string compare (CVE-2019-0196)\n\n* httpd: mod_http2: possible crash on late upgrade (CVE-2019-0197)\n\n* httpd: limited cross-site scripting in mod_proxy error page (CVE-2019-10092)\n\n* httpd: mod_rewrite potential open redirect (CVE-2019-10098)\n\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4751",
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1209162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209162"
},
{
"category": "external",
"summary": "1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "1743956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956"
},
{
"category": "external",
"summary": "1743959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959"
},
{
"category": "external",
"summary": "1743966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966"
},
{
"category": "external",
"summary": "1743974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974"
},
{
"category": "external",
"summary": "1743996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996"
},
{
"category": "external",
"summary": "1771847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771847"
},
{
"category": "external",
"summary": "1814236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814236"
},
{
"category": "external",
"summary": "1820761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761"
},
{
"category": "external",
"summary": "1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "1832844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832844"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4751.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-15T06:18:55+00:00",
"generator": {
"date": "2024-11-15T06:18:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:4751",
"initial_release_date": "2020-11-04T01:44:47+00:00",
"revision_history": [
{
"date": "2020-11-04T01:44:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:44:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T06:18:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd:2.4:8030020200818000036:30b713e6",
"product": {
"name": "httpd:2.4:8030020200818000036:30b713e6",
"product_id": "httpd:2.4:8030020200818000036:30b713e6",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/httpd@2.4:8030020200818000036:30b713e6"
}
}
},
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product": {
"name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product_id": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product": {
"name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product_id": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"product": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"product": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=src"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_id": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_id": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_id": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-2.module%2Bel8.3.0%2B7670%2B8bf57d29?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_id": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-30.module%2Bel8.3.0%2B7001%2B0766b9e7?arch=aarch64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
"product_reference": "httpd:2.4:8030020200818000036:30b713e6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src"
},
"product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch"
},
"product_reference": "httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch"
},
"product_reference": "httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64"
},
"product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le"
},
"product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x"
},
"product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src"
},
"product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64"
},
"product_reference": "mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64 as a component of httpd:2.4:8030020200818000036:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-17189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668497"
}
],
"notes": [
{
"category": "description",
"text": "In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: DoS via slow, unneeded request bodies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17189"
},
{
"category": "external",
"summary": "RHBZ#1668497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17189"
}
],
"release_date": "2019-01-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: DoS via slow, unneeded request bodies"
},
{
"cve": "CVE-2019-0196",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695030"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request incorrectly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: read-after-free on a string compare",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0196"
},
{
"category": "external",
"summary": "RHBZ#1695030",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695030"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0196",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0196"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0196"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: read-after-free on a string compare"
},
{
"cve": "CVE-2019-0197",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695042"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server that never enabled the h2 protocol or that only enabled it for https: and did not set \"H2Upgrade on\" are unaffected by this issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2: possible crash on late upgrade",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0197"
},
{
"category": "external",
"summary": "RHBZ#1695042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695042"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0197",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0197"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-02-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_http2: possible crash on late upgrade"
},
{
"cve": "CVE-2019-10081",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743966"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache httpd, in mod_http2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: memory corruption on early pushes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10081"
},
{
"category": "external",
"summary": "RHBZ#1743966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10081",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10081"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "workaround",
"details": "This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including \"h2\" or \"h2c\" in the \"Protocols\" list in a configuration file. The following command can be used to search for possible vulnerable configurations: \n\n grep -R \u0027^\\s*Protocols\\\u003e.*\\\u003ch2\\\u003e\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: memory corruption on early pushes"
},
{
"cve": "CVE-2019-10082",
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743974"
}
],
"notes": [
{
"category": "description",
"text": "A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cause the server to read memory that was previously freed during connection shutdown, potentially leading to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: read-after-free in h2 connection shutdown",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10082"
},
{
"category": "external",
"summary": "RHBZ#1743974",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743974"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10082",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10082"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "workaround",
"details": "This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including \"h2\" or \"h2c\" in the \"Protocols\" list in a configuration file. The following command can be used to search for possible vulnerable configurations: \n\n grep -R \u0027^\\s*Protocols\\\u003e.*\\\u003ch2\\\u003e\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: read-after-free in h2 connection shutdown"
},
{
"cve": "CVE-2019-10092",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743956"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was found in Apache httpd, affecting the mod_proxy error page. Under certain circumstances, a crafted link could inject content into the HTML displayed in the error page, potentially leading to client-side exploitation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: limited cross-site scripting in mod_proxy error page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10092"
},
{
"category": "external",
"summary": "RHBZ#1743956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743956"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10092"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10092"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "workaround",
"details": "This flaw is only exploitable if Proxy* directives are used in Apache httpd configuration. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*Proxy\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_proxy.html",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: limited cross-site scripting in mod_proxy error page"
},
{
"cve": "CVE-2019-10097",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743996"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Apache httpd, in mod_remoteip. A trusted proxy using the \"PROXY\" protocol could send specially crafted headers that can cause httpd to experience a stack buffer overflow or NULL pointer dereference, leading to a crash or other potential consequences.\r\n\r\nThis issue could only be exploited by configured trusted intermediate proxy servers. HTTP clients such as browsers could not exploit the vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: null-pointer dereference in mod_remoteip",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10097"
},
{
"category": "external",
"summary": "RHBZ#1743996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10097"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "workaround",
"details": "This flaw is only exploitable if RemoteIP* directives are used in Apache httpd configuration. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*RemoteIP\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: null-pointer dereference in mod_remoteip"
},
{
"cve": "CVE-2019-10098",
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743959"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Apache httpd, in mod_rewrite. Certain self-referential mod_rewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_rewrite potential open redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10098"
},
{
"category": "external",
"summary": "RHBZ#1743959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10098",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
},
{
"category": "workaround",
"details": "This flaw requires the use of certain Rewrite configuration directives. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*Rewrite\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_rewrite potential open redirect"
},
{
"cve": "CVE-2020-1927",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache HTTP Server (httpd) versions 2.4.0 to 2.4.41. Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_rewrite configurations vulnerable to open redirect",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects httpd versions between 2.4.0 and 2.4.41. Therefore Red Hat Enterprise Linux 5 and 6 are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1927"
},
{
"category": "external",
"summary": "RHBZ#1820761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1927"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_rewrite configurations vulnerable to open redirect"
},
{
"cve": "CVE-2020-1934",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820772"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ftp use of uninitialized value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1934"
},
{
"category": "external",
"summary": "RHBZ#1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:44:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4751"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-debugsource-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-devel-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-filesystem-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-manual-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.noarch",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:httpd-tools-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debuginfo-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_http2-debugsource-0:1.15.7-2.module+el8.3.0+7670+8bf57d29.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ldap-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_proxy_html-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_session-debuginfo-0:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.aarch64",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.ppc64le",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.s390x",
"AppStream-8.3.0.GA:httpd:2.4:8030020200818000036:30b713e6:mod_ssl-debuginfo-1:2.4.37-30.module+el8.3.0+7001+0766b9e7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy_ftp use of uninitialized value"
}
]
}
rhsa-2020_3958
Vulnerability from csaf_redhat
Published
2020-09-29 19:26
Modified
2024-11-15 06:15
Summary
Red Hat Security Advisory: httpd security, bug fix, and enhancement update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications (CVE-2018-1283)
* httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS (CVE-2018-1303)
* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)
* httpd: <FilesMatch> bypass with a trailing newline in the file name (CVE-2017-15715)
* httpd: mod_rewrite potential open redirect (CVE-2019-10098)
* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications (CVE-2018-1283)\n\n* httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS (CVE-2018-1303)\n\n* httpd: mod_rewrite configurations vulnerable to open redirect (CVE-2020-1927)\n\n* httpd: \u003cFilesMatch\u003e bypass with a trailing newline in the file name (CVE-2017-15715)\n\n* httpd: mod_rewrite potential open redirect (CVE-2019-10098)\n\n* httpd: mod_proxy_ftp use of uninitialized value (CVE-2020-1934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3958",
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"category": "external",
"summary": "1560395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560395"
},
{
"category": "external",
"summary": "1560399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560399"
},
{
"category": "external",
"summary": "1560614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560614"
},
{
"category": "external",
"summary": "1715981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715981"
},
{
"category": "external",
"summary": "1724879",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724879"
},
{
"category": "external",
"summary": "1743959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959"
},
{
"category": "external",
"summary": "1820761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761"
},
{
"category": "external",
"summary": "1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3958.json"
}
],
"title": "Red Hat Security Advisory: httpd security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-15T06:15:31+00:00",
"generator": {
"date": "2024-11-15T06:15:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:3958",
"initial_release_date": "2020-09-29T19:26:30+00:00",
"revision_history": [
{
"date": "2020-09-29T19:26:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-29T19:26:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T06:15:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-95.el7.x86_64",
"product": {
"name": "httpd-0:2.4.6-95.el7.x86_64",
"product_id": "httpd-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-95.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-95.el7.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64",
"product_id": "httpd-devel-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-95.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-95.el7.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64",
"product_id": "httpd-tools-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-95.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-95.el7.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64",
"product_id": "mod_ldap-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-95.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-95.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-95.el7.x86_64",
"product": {
"name": "mod_session-0:2.4.6-95.el7.x86_64",
"product_id": "mod_session-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-95.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-95.el7.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64",
"product_id": "mod_ssl-1:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-95.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-95.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-95.el7.src",
"product": {
"name": "httpd-0:2.4.6-95.el7.src",
"product_id": "httpd-0:2.4.6-95.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-95.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-95.el7.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch",
"product_id": "httpd-manual-0:2.4.6-95.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-95.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-95.el7.s390x",
"product": {
"name": "httpd-0:2.4.6-95.el7.s390x",
"product_id": "httpd-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-95.el7.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x",
"product_id": "httpd-devel-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-95.el7.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x",
"product_id": "httpd-tools-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-95.el7.s390x",
"product": {
"name": "mod_session-0:2.4.6-95.el7.s390x",
"product_id": "mod_session-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-95.el7.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x",
"product_id": "mod_ssl-1:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-95.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-95.el7.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x",
"product_id": "mod_ldap-0:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-95.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"product_id": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-95.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-95.el7.ppc64",
"product": {
"name": "httpd-0:2.4.6-95.el7.ppc64",
"product_id": "httpd-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-95.el7.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64",
"product_id": "httpd-devel-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-95.el7.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64",
"product_id": "httpd-tools-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-95.el7.ppc64",
"product": {
"name": "mod_session-0:2.4.6-95.el7.ppc64",
"product_id": "mod_session-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-95.el7.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64",
"product_id": "mod_ssl-1:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-95.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-95.el7.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64",
"product_id": "mod_ldap-0:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-95.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-95.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "httpd-0:2.4.6-95.el7.ppc64le",
"product_id": "httpd-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"product_id": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"product_id": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le",
"product_id": "mod_session-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"product_id": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-95.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"product_id": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-95.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-95.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Server-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src"
},
"product_reference": "httpd-0:2.4.6-95.el7.src",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-95.el7.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-95.el7.noarch",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x"
},
"product_reference": "mod_session-0:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_session-0:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-95.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-95.el7.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-15715",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560614"
}
],
"notes": [
{
"category": "description",
"text": "In Apache httpd 2.4.0 to 2.4.29, the expression specified in \u003cFilesMatch\u003e could match \u0027$\u0027 to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: \u003cFilesMatch\u003e bypass with a trailing newline in the file name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The \"FilesMatch\" directive is not enabled in the default httpd configuration as shipped with Red Hat Enterprise Linux, and needs to be explicitly enabled. Therefore this flaw has no impact on the default versions of the httpd package as shipped with Red Hat Enterprise Linux.\n\nRed Hat Satellite 6 uses Red Hat Enterprise Linux 7\u0027s httpd package, and enables the \"FilesMatch\" directive. However, this is not believed to have an impact on security, as, in the context of a Satellite, no one is expected to have the ability to modify file names in the concerned directories. This is not considered as a vector for attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15715"
},
{
"category": "external",
"summary": "RHBZ#1560614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15715"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2018-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: \u003cFilesMatch\u003e bypass with a trailing newline in the file name"
},
{
"cve": "CVE-2018-1283",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-03-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560395"
}
],
"notes": [
{
"category": "description",
"text": "It has been discovered that the mod_session module of Apache HTTP Server (httpd), through version 2.4.29, has an improper input validation flaw in the way it handles HTTP session headers in some configurations. A remote attacker may influence their content by using a \"Session\" header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of httpd as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include mod_session module.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1283"
},
{
"category": "external",
"summary": "RHBZ#1560395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560395"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1283"
}
],
"release_date": "2018-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications"
},
{
"cve": "CVE-2018-1303",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-03-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1560399"
}
],
"notes": [
{
"category": "description",
"text": "A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache. The vulnerability is considered as low risk since mod_cache_socache is not widely used, mod_cache_disk is not concerned by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The versions of httpd package shipped with Red Hat Enterprise Linux are by default configured in prefork MPM mode, which means that this flaw can result in a crash of child process. The main web server process will not be killed. Also, though the module is loaded by default, it needs to be specifically enabled in order to be exposed to the security flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1303"
},
{
"category": "external",
"summary": "RHBZ#1560399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1560399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1303",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1303"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1303",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1303"
}
],
"release_date": "2018-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause DoS"
},
{
"cve": "CVE-2019-10098",
"discovery_date": "2019-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1743959"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in Apache httpd, in mod_rewrite. Certain self-referential mod_rewrite rules could be fooled by encoded newlines, causing them to redirect to an unexpected location. An attacker could abuse this flaw in a phishing attack or as part of a client-side attack on browsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_rewrite potential open redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10098"
},
{
"category": "external",
"summary": "RHBZ#1743959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10098",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10098"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2019-08-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
},
{
"category": "workaround",
"details": "This flaw requires the use of certain Rewrite configuration directives. The following command can be used to search for possible vulnerable configurations:\n\n grep -R \u0027^\\s*Rewrite\u0027 /etc/httpd/\n\nSee https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_rewrite potential open redirect"
},
{
"cve": "CVE-2020-1927",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache HTTP Server (httpd) versions 2.4.0 to 2.4.41. Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_rewrite configurations vulnerable to open redirect",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue only affects httpd versions between 2.4.0 and 2.4.41. Therefore Red Hat Enterprise Linux 5 and 6 are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1927"
},
{
"category": "external",
"summary": "RHBZ#1820761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1927"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1927"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_rewrite configurations vulnerable to open redirect"
},
{
"cve": "CVE-2020-1934",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1820772"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache\u0027s HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_ftp use of uninitialized value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is caused by use of an uninitialized memory variable. Practically this has no impact, but in some corner cases it is possible that the contents of this variable could be read by a remote process, causing loss of confidentiality as a result of this. There is no evidence of code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1934"
},
{
"category": "external",
"summary": "RHBZ#1820772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1820772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T19:26:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Client-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Client-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7ComputeNode-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7ComputeNode-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Server-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Server-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-7.9:mod_ssl-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.src",
"7Workstation-optional-7.9:httpd-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-debuginfo-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-devel-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:httpd-manual-0:2.4.6-95.el7.noarch",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:httpd-tools-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ldap-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_proxy_html-1:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_session-0:2.4.6-95.el7.x86_64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.ppc64le",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.s390x",
"7Workstation-optional-7.9:mod_ssl-1:2.4.6-95.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy_ftp use of uninitialized value"
}
]
}
ghsa-x5pm-xqw2-5256
Vulnerability from github
Published
2022-05-24 17:13
Modified
2022-05-24 17:13
Severity ?
Details
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
{
"affected": [],
"aliases": [
"CVE-2020-1934"
],
"database_specific": {
"cwe_ids": [
"CWE-908"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-01T20:15:00Z",
"severity": "HIGH"
},
"details": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
"id": "GHSA-x5pm-xqw2-5256",
"modified": "2022-05-24T17:13:05Z",
"published": "2022-05-24T17:13:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1934"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4458-1"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20200413-0002"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
gsd-2020-1934
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-1934",
"description": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
"id": "GSD-2020-1934",
"references": [
"https://www.suse.com/security/cve/CVE-2020-1934.html",
"https://www.debian.org/security/2020/dsa-4757",
"https://access.redhat.com/errata/RHSA-2020:4751",
"https://access.redhat.com/errata/RHSA-2020:3958",
"https://access.redhat.com/errata/RHSA-2020:2646",
"https://access.redhat.com/errata/RHSA-2020:2644",
"https://ubuntu.com/security/CVE-2020-1934",
"https://security.archlinux.org/CVE-2020-1934",
"https://alas.aws.amazon.com/cve/html/CVE-2020-1934.html",
"https://linux.oracle.com/cve/CVE-2020-1934.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-1934"
],
"details": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.",
"id": "GSD-2020-1934",
"modified": "2023-12-13T01:21:58.124621Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.4.0 to 2.4.41"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mod_proxy_ftp use of uninitialized value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[httpd-dev] 20200404 Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:0597",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "CONFIRM",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200413-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200413-0002/"
},
{
"name": "USN-4458-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4458-1/"
},
{
"name": "FEDORA-2020-189a1e6c3e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"
},
{
"name": "DSA-4757",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"name": "FEDORA-2020-0d3d3f5072",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.41",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.3",
"versionStartIncluding": "17.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-1934"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "[httpd-dev] 20200404 Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20200404 Re: Odd vulnerabilities_24.html output",
"refsource": "MLIST",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200413-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200413-0002/"
},
{
"name": "[httpd-cvs] 20200420 svn commit: r1876764 - /httpd/httpd/branches/2.4.x/CHANGES",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "openSUSE-SU-2020:0597",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "USN-4458-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4458-1/"
},
{
"name": "FEDORA-2020-189a1e6c3e",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"
},
{
"name": "DSA-4757",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4757"
},
{
"name": "FEDORA-2020-0d3d3f5072",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [13/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073157 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-1934.json security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888213 - /httpd/site/trunk/content/security/json/CVE-2020-1934.json",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2022-04-26T17:05Z",
"publishedDate": "2020-04-01T20:15Z"
}
}
}
wid-sec-w-2023-0063
Vulnerability from csaf_certbund
Published
2022-01-12 23:00
Modified
2023-01-11 23:00
Summary
Juniper Junos Space: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen für das Netzwerkmanagement beinhaltet.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, beliebigen Code auszuführen und seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Juniper Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Junos Space ist eine Software-Plattform, die eine Reihe von Applikationen f\u00fcr das Netzwerkmanagement beinhaltet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Juniper Junos Space ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Juniper Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0063 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0063.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0063 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0063"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA70182 vom 2023-01-12",
"url": "https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Contrail-Service-Orchestration-Multiple-vulnerabilities-resolved-in-CSO-6-3-0?language=en_US"
},
{
"category": "external",
"summary": "Juniper Security Advisory vom 2022-01-12",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11287\u0026cat=SIRT_1"
}
],
"source_lang": "en-US",
"title": "Juniper Junos Space: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-01-11T23:00:00.000+00:00",
"generator": {
"date": "2024-02-15T17:09:11.163+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2023-0063",
"initial_release_date": "2022-01-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2022-01-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Juniper aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Juniper Contrail Service Orchestration",
"product": {
"name": "Juniper Contrail Service Orchestration",
"product_id": "T025794",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:contrail_service_orchestration:-"
}
}
},
{
"category": "product_name",
"name": "Juniper Junos Space \u003c 21.3R1",
"product": {
"name": "Juniper Junos Space \u003c 21.3R1",
"product_id": "T021576",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:21.3r1"
}
}
}
],
"category": "vendor",
"name": "Juniper"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-20934",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2019-20934"
},
{
"cve": "CVE-2020-0543",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-0543"
},
{
"cve": "CVE-2020-0548",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-0548"
},
{
"cve": "CVE-2020-0549",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-0549"
},
{
"cve": "CVE-2020-11022",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2020-11668",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-11668"
},
{
"cve": "CVE-2020-11984",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-11984"
},
{
"cve": "CVE-2020-11993",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-11993"
},
{
"cve": "CVE-2020-12362",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-12362"
},
{
"cve": "CVE-2020-12363",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-12363"
},
{
"cve": "CVE-2020-12364",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-12364"
},
{
"cve": "CVE-2020-1927",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-1927"
},
{
"cve": "CVE-2020-1934",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-1934"
},
{
"cve": "CVE-2020-24489",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-24489"
},
{
"cve": "CVE-2020-24511",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-24511"
},
{
"cve": "CVE-2020-24512",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-24512"
},
{
"cve": "CVE-2020-27170",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-27170"
},
{
"cve": "CVE-2020-27777",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-29443",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-29443"
},
{
"cve": "CVE-2020-8625",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-8625"
},
{
"cve": "CVE-2020-8648",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-8648"
},
{
"cve": "CVE-2020-8695",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2020-8696",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-8696"
},
{
"cve": "CVE-2020-8698",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-8698"
},
{
"cve": "CVE-2020-9490",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2020-9490"
},
{
"cve": "CVE-2021-20254",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-20254"
},
{
"cve": "CVE-2021-22555",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-22901",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-2341",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2341"
},
{
"cve": "CVE-2021-2342",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2342"
},
{
"cve": "CVE-2021-2356",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2356"
},
{
"cve": "CVE-2021-2369",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2369"
},
{
"cve": "CVE-2021-2372",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2372"
},
{
"cve": "CVE-2021-2385",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2385"
},
{
"cve": "CVE-2021-2388",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2388"
},
{
"cve": "CVE-2021-2389",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2389"
},
{
"cve": "CVE-2021-2390",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-2390"
},
{
"cve": "CVE-2021-25214",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-25214"
},
{
"cve": "CVE-2021-25217",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-25217"
},
{
"cve": "CVE-2021-27219",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-29154",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-29154"
},
{
"cve": "CVE-2021-29650",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-29650"
},
{
"cve": "CVE-2021-31535",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-31535"
},
{
"cve": "CVE-2021-32399",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-32399"
},
{
"cve": "CVE-2021-33033",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-33033"
},
{
"cve": "CVE-2021-33034",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-33034"
},
{
"cve": "CVE-2021-3347",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-3347"
},
{
"cve": "CVE-2021-33909",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-33909"
},
{
"cve": "CVE-2021-3653",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-3653"
},
{
"cve": "CVE-2021-3656",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-3656"
},
{
"cve": "CVE-2021-3715",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-3715"
},
{
"cve": "CVE-2021-37576",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-37576"
},
{
"cve": "CVE-2021-4104",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-4104"
},
{
"cve": "CVE-2021-42550",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-42550"
},
{
"cve": "CVE-2021-44228",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-44228"
},
{
"cve": "CVE-2021-45046",
"notes": [
{
"category": "description",
"text": "In Juniper Junos Space existieren mehrere Schwachstellen. Die Fehler existieren in verschiedenen Komponenten und Bibliotheken, darunter LZ4, Linux Kernel, Intel Prozessoren, Apache HTTP Server, BIND, Intel VT-d, Intel Grafiktreiber, KVM Hypervisor, QEMU, Java SE, MySQL Server, samba, curl, GNOME, jQuery, Apache Log4j und logback. Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszul\u00f6sen, beliebigen Code auszuf\u00fchren und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T025794"
]
},
"release_date": "2022-01-12T23:00:00Z",
"title": "CVE-2021-45046"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.