Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-33193 (GCVE-0-2021-33193)
Vulnerability from cvelistv5 – Published: 2021-08-16 00:00 – Updated: 2024-08-03 23:42
VLAI
EPSS
Title
Request splitting via HTTP/2 method injection and mod_proxy
Summary
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Severity
No CVSS data available.
CWE
- Request Splitting
Assigner
References
13 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Affected:
Apache HTTP Server 2.4 2.4.17 to 2.4.48
|
Credits
Reported by James Kettle of PortSwigger
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:42:20.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://portswigger.net/research/http2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "FEDORA-2021-5d2d4b6ac5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"name": "FEDORA-2021-f94985afca",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache HTTP Server 2.4 2.4.17 to 2.4.48"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported by James Kettle of PortSwigger"
}
],
"descriptions": [
{
"lang": "en",
"value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Request Splitting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-03T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://portswigger.net/research/http2"
},
{
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "FEDORA-2021-5d2d4b6ac5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"name": "FEDORA-2021-f94985afca",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "GLSA-202208-20",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2021-05-11T00:00:00.000Z",
"value": "reported"
},
{
"lang": "en",
"time": "2021-08-06T00:00:00.000Z",
"value": "public"
}
],
"title": "Request splitting via HTTP/2 method injection and mod_proxy",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-33193",
"datePublished": "2021-08-16T00:00:00.000Z",
"dateReserved": "2021-05-19T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:42:20.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-33193",
"date": "2026-06-08",
"epss": "0.00609",
"percentile": "0.70137"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.4.17\", \"versionEndIncluding\": \"2.4.48\", \"matchCriteriaId\": \"C700D9C3-7023-48A7-8A76-70597D99829E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.19.1\", \"matchCriteriaId\": \"A686FAF0-1383-4BBB-B7F5-CBCCAB55B356\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"18.1.0.1.0\", \"matchCriteriaId\": \"C01E8B82-71C7-4A4A-A70A-7B147524AB4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.\"}, {\"lang\": \"es\", \"value\": \"Un m\\u00e9todo dise\\u00f1ado enviado mediante HTTP/2 omitir\\u00e1 la comprobaci\\u00f3n y ser\\u00e1 reenviado por mod_proxy, lo que puede conllevar a la divisi\\u00f3n de peticiones o el envenenamiento de la cach\\u00e9. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48.\"}]",
"id": "CVE-2021-33193",
"lastModified": "2024-11-21T06:08:29.210",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-08-16T08:15:11.480",
"references": "[{\"url\": \"https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://portswigger.net/research/http2\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202208-20\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210917-0004/\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-17\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://portswigger.net/research/http2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202208-20\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210917-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-33193\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-08-16T08:15:11.480\",\"lastModified\":\"2025-05-01T15:40:12.163\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.\"},{\"lang\":\"es\",\"value\":\"Un m\u00e9todo dise\u00f1ado enviado mediante HTTP/2 omitir\u00e1 la comprobaci\u00f3n y ser\u00e1 reenviado por mod_proxy, lo que puede conllevar a la divisi\u00f3n de peticiones o el envenenamiento de la cach\u00e9. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.17\",\"versionEndExcluding\":\"2.4.49\",\"matchCriteriaId\":\"D8347A4B-8AA1-4BA6-9C58-8BC8EE9B1408\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.19.1\",\"matchCriteriaId\":\"A686FAF0-1383-4BBB-B7F5-CBCCAB55B356\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.1.0.1.0\",\"matchCriteriaId\":\"C01E8B82-71C7-4A4A-A70A-7B147524AB4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://portswigger.net/research/http2\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210917-0004/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-17\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://portswigger.net/research/http2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202208-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210917-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-875
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Check Point. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Check Point | N/A | Quantum Security Management versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de sécurité (hotfix) | ||
| Check Point | N/A | Quantum Security Gateways versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de sécurité (hotfix) | ||
| Check Point | N/A | Multi-Domain Management versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de sécurité (hotfix) | ||
| Check Point | N/A | Gaia Embedded for Quantum Spark Appliances sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Quantum Security Management versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de s\u00e9curit\u00e9 (hotfix)",
"product": {
"name": "N/A",
"vendor": {
"name": "Check Point",
"scada": false
}
}
},
{
"description": "Quantum Security Gateways versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de s\u00e9curit\u00e9 (hotfix)",
"product": {
"name": "N/A",
"vendor": {
"name": "Check Point",
"scada": false
}
}
},
{
"description": "Multi-Domain Management versions R81.10, R81, R80.40, R80.30SP, R80.30 3.10, R80.30, R80.20SP, R80.20, R80.10, R80.20.X sans le dernier correctif de s\u00e9curit\u00e9 (hotfix)",
"product": {
"name": "N/A",
"vendor": {
"name": "Check Point",
"scada": false
}
}
},
{
"description": "Gaia Embedded for Quantum Spark Appliances sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Check Point",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"name": "CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-875",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Check\nPoint. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nd\u00e9ni de service \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Check Point",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Check Point sk176113 du 14 novembre 2021",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk176113\u0026src=securityAlerts"
}
]
}
CERTFR-2021-AVI-931
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | N/A | Cisco Cloud Services Platform 2100 versions antérieures à 2.8.2 (avril 2022) | ||
| Cisco | N/A | Cisco UCS Director Bare Metal Agent versions antérieures à 6.8.1.1 (février 2022) | ||
| Cisco | N/A | Cisco TelePresence Video Communication Server (VCS) versions antérieures à 14.0.4 et 14.1 (indisponible pour l'instant) | ||
| Cisco | N/A | Cisco Prime Optical for Service Providers | ||
| Cisco | N/A | Cisco Wireless Gateway for LoRaWAN | ||
| Cisco | N/A | Cisco FXOS Software for Firepower 4100/9300 Series Appliances | ||
| Cisco | N/A | Cisco Policy Suite versions antérieures à 22.1 (mai 2022) | ||
| Cisco | N/A | Cisco UCS Central Software | ||
| Cisco | Expressway Series | Cisco Expressway Series versions antérieures à 14.0.4 et 14.1 (indisponible pour l'instant) | ||
| Cisco | N/A | Cisco Wide Area Application Services (WAAS) | ||
| Cisco | N/A | Cisco Security Manager versions antérieures à 4.25 | ||
| Cisco | N/A | Cisco Prime Collaboration Provisioning | ||
| Cisco | N/A | Cisco UCS Manager | ||
| Cisco | N/A | Cisco Network Assurance Engine | ||
| Cisco | N/A | Cisco Prime Infrastructure versions antérieures à 3.10 | ||
| Cisco | N/A | Cisco Firepower Management Center versions antérieures à 7.02 et 7.1.0.1 (mai 2022) |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco Cloud Services Platform 2100 versions ant\u00e9rieures \u00e0 2.8.2 (avril 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco UCS Director Bare Metal Agent versions ant\u00e9rieures \u00e0 6.8.1.1 (f\u00e9vrier 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TelePresence Video Communication Server (VCS) versions ant\u00e9rieures \u00e0 14.0.4 et 14.1 (indisponible pour l\u0027instant)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Prime Optical for Service Providers",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wireless Gateway for LoRaWAN",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco FXOS Software for Firepower 4100/9300 Series Appliances",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Policy Suite versions ant\u00e9rieures \u00e0 22.1 (mai 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco UCS Central Software",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Expressway Series versions ant\u00e9rieures \u00e0 14.0.4 et 14.1 (indisponible pour l\u0027instant)",
"product": {
"name": "Expressway Series",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Wide Area Application Services (WAAS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Security Manager versions ant\u00e9rieures \u00e0 4.25",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Prime Collaboration Provisioning",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco UCS Manager",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Network Assurance Engine",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Prime Infrastructure versions ant\u00e9rieures \u00e0 3.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Firepower Management Center versions ant\u00e9rieures \u00e0 7.02 et 7.1.0.1 (mai 2022)",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-931",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n\n\u00a0\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-apache-httpd-2.4.49-VWL69sWQ du 08 d\u00e9cembre 2021",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
}
]
}
CERTFR-2024-AVI-0575
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.4-EVO antérieures à 22.4R3-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.2-EVO antérieures à 23.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.2 antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R2-S2 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.2-EVO antérieures à 21.2R3-S7-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.3-EVO antérieures à 21.3R3-S5-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 21.4-EVO antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.2-EVO antérieures à 22.2R3-S4-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R1-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.3-EVO antérieures à 22.3R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R2-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 22.4-EVO antérieures à 22.4R3-S3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R1-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.2-EVO antérieures à 23.2R2-S1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R1-S2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 23.4-EVO antérieures à 23.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions 24.2-EVO antérieures à 24.2R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 20.4R3-S10-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.2R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 21.4R3-S8-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R2-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 22.4R3-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à 23.2R1-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved versions antérieures à before 22.1R3-EVO | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series versions antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 22.4 antérieures à 22.4R3-S1 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on MX Series with SPC3 line card versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.1 antérieures à 22.1R3-S5 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.2 antérieures à 22.2R3-S3 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.3 antérieures à 22.3R3-S2 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on QFX5000 Series and EX4600 Series versions antérieures à 21.2R3-S7 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 antérieures à 22.1R3-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 antérieures à 22.2R3-S1 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R2-S1 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 antérieures à 22.3R3 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R1-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R2 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 21.4 antérieures à 21.4R3-S7 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 22.4 antérieures à 22.4R3-S2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R1-S1 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS on SRX4600 and SRX5000 Series versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | Junos OS versions 21.4 antérieures à 21.4R2 | ||
| Juniper Networks | N/A | Junos OS versions 22.1 antérieures à 22.1R3-S6 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R2-S1 | ||
| Juniper Networks | N/A | Junos OS versions 22.2 antérieures à 22.2R3-S4 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R1-S2 | ||
| Juniper Networks | N/A | Junos OS versions 22.3 antérieures à 22.3R3-S3 | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R2-S2 | ||
| Juniper Networks | N/A | Junos OS versions 22.4 antérieures à 22.4R3-S3 | ||
| Juniper Networks | N/A | Junos OS versions 23.1 antérieures à 23.1R2 | ||
| Juniper Networks | N/A | Junos OS versions 23.2 antérieures à 23.2R2-S1 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R1-S2 | ||
| Juniper Networks | N/A | Junos OS versions 23.4 antérieures à 23.4R2 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 20.4R3-S9 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.2R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 21.4R3-S8 | ||
| Juniper Networks | N/A | Junos OS versions antérieures à 22.1R2-S2 | ||
| Juniper Networks | N/A | Junos Space versions antérieures à 24.1R1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 antérieures à 20.4R3-S10 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 antérieures à 21.2R3-S6 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 antérieures à 21.3R3-S5 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 antérieures à 21.4R3-S6 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 antérieures à 22.1R3-S4 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 antérieures à 22.2R3-S2 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 antérieures à 22.3R3-S1 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 antérieures à 22.4R3 | ||
| Juniper Networks | N/A | SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 antérieures à 23.2R2 | ||
| Juniper Networks | N/A | Session Smart Router versions 6.1 antérieures à SSR-6.1.8-lts | ||
| Juniper Networks | N/A | Session Smart Router versions 6.2 antérieures à SSR-6.2.5-r2 | ||
| Juniper Networks | N/A | Session Smart Router versions antérieures à SSR-5.6.14 | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions 22.1-EVO antérieures à 22.1R3-S6-EVO | ||
| Juniper Networks | N/A | Junos OS Evolved on ACX7000 Series versions antérieures à 21.4R3-S7-EVO |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.2-EVO ant\u00e9rieures \u00e0 21.2R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.3-EVO ant\u00e9rieures \u00e0 21.3R3-S5-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4-EVO ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.2-EVO ant\u00e9rieures \u00e0 22.2R3-S4-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.3-EVO ant\u00e9rieures \u00e0 22.3R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R2-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 22.4-EVO ant\u00e9rieures \u00e0 22.4R3-S3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R1-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.2-EVO ant\u00e9rieures \u00e0 23.2R2-S1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R1-S2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 23.4-EVO ant\u00e9rieures \u00e0 23.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 24.2-EVO ant\u00e9rieures \u00e0 24.2R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S10-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 21.4R3-S8-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R2-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 22.4R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 23.2R1-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 before 22.1R3-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on MX Series with SPC3 line card versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on QFX5000 Series and EX4600 Series versions ant\u00e9rieures \u00e0 21.2R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.3 ant\u00e9rieures \u00e0 22.3R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX Series, MX Series with SPC3 and NFX350 versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S7",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS on SRX4600 and SRX5000 Series versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4 ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 22.4 ant\u00e9rieures \u00e0 22.4R3-S3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.1 ant\u00e9rieures \u00e0 23.1R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.2 ant\u00e9rieures \u00e0 23.2R2-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R1-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 23.4 ant\u00e9rieures \u00e0 23.4R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 20.4R3-S9",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.2R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 21.4R3-S8",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 22.1R2-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 24.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 20.4 ant\u00e9rieures \u00e0 20.4R3-S10",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.2 ant\u00e9rieures \u00e0 21.2R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.3 ant\u00e9rieures \u00e0 21.3R3-S5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 21.4 ant\u00e9rieures \u00e0 21.4R3-S6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.1 ant\u00e9rieures \u00e0 22.1R3-S4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.2 ant\u00e9rieures \u00e0 22.2R3-S2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.3 ant\u00e9rieures \u00e0 22.3R3-S1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 22.4 ant\u00e9rieures \u00e0 22.4R3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "SRX Series and MX Series with SPC3 and MS-MPC/MIC versions 23.2 ant\u00e9rieures \u00e0 23.2R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.1 ant\u00e9rieures \u00e0 SSR-6.1.8-lts",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions 6.2 ant\u00e9rieures \u00e0 SSR-6.2.5-r2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Session Smart Router versions ant\u00e9rieures \u00e0 SSR-5.6.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions 22.1-EVO ant\u00e9rieures \u00e0 22.1R3-S6-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved on ACX7000 Series versions ant\u00e9rieures \u00e0 21.4R3-S7-EVO",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-39560",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39560"
},
{
"name": "CVE-2023-32435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32435"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-39554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39554"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-39539",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39539"
},
{
"name": "CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2024-39558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39558"
},
{
"name": "CVE-2022-30522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30522"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2022-21460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21460"
},
{
"name": "CVE-2021-31535",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31535"
},
{
"name": "CVE-2022-36760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36760"
},
{
"name": "CVE-2021-33034",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33034"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-39552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39552"
},
{
"name": "CVE-2021-27290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27290"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2023-3390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
},
{
"name": "CVE-2023-4004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4004"
},
{
"name": "CVE-2021-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29469"
},
{
"name": "CVE-2023-2002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2021-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"name": "CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"name": "CVE-2024-39546",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39546"
},
{
"name": "CVE-2024-39540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39540"
},
{
"name": "CVE-2018-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3737"
},
{
"name": "CVE-2024-39543",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39543"
},
{
"name": "CVE-2020-11984",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11984"
},
{
"name": "CVE-2022-22721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22721"
},
{
"name": "CVE-2021-35624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35624"
},
{
"name": "CVE-2023-35788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-39514",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39514"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2021-35604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35604"
},
{
"name": "CVE-2021-42013",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42013"
},
{
"name": "CVE-2023-34059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34059"
},
{
"name": "CVE-2024-39529",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39529"
},
{
"name": "CVE-2006-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-20001"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2385"
},
{
"name": "CVE-2022-29167",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29167"
},
{
"name": "CVE-2020-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
},
{
"name": "CVE-2019-10747",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10747"
},
{
"name": "CVE-2023-34058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34058"
},
{
"name": "CVE-2011-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5094"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2022-21589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21589"
},
{
"name": "CVE-2022-25315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25315"
},
{
"name": "CVE-2019-10097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10097"
},
{
"name": "CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2023-3090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
},
{
"name": "CVE-2024-39536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39536"
},
{
"name": "CVE-2024-39555",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39555"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2020-13938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13938"
},
{
"name": "CVE-2016-10540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10540"
},
{
"name": "CVE-2019-10082",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10082"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2016-1000232",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000232"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-39275",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39275"
},
{
"name": "CVE-2024-39561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39561"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2022-21617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21617"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2022-41741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41741"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2023-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30630"
},
{
"name": "CVE-2022-21608",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21608"
},
{
"name": "CVE-2022-2526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2526"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2024-39535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39535"
},
{
"name": "CVE-2024-39545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39545"
},
{
"name": "CVE-2024-39531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39531"
},
{
"name": "CVE-2022-41742",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41742"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2021-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2389"
},
{
"name": "CVE-2023-21840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21840"
},
{
"name": "CVE-2019-10081",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10081"
},
{
"name": "CVE-2020-1934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1934"
},
{
"name": "CVE-2022-30556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30556"
},
{
"name": "CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2022-25235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25235"
},
{
"name": "CVE-2023-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21980"
},
{
"name": "CVE-2024-39530",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39530"
},
{
"name": "CVE-2024-39532",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39532"
},
{
"name": "CVE-2023-27522",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27522"
},
{
"name": "CVE-2024-39557",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39557"
},
{
"name": "CVE-2021-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2390"
},
{
"name": "CVE-2024-39550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39550"
},
{
"name": "CVE-2022-28615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28615"
},
{
"name": "CVE-2022-21451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21451"
},
{
"name": "CVE-2014-10064",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-10064"
},
{
"name": "CVE-2024-39511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39511"
},
{
"name": "CVE-2022-23943",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23943"
},
{
"name": "CVE-2024-39548",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39548"
},
{
"name": "CVE-2020-11993",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11993"
},
{
"name": "CVE-2023-22652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22652"
},
{
"name": "CVE-2024-39528",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39528"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2024-39559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39559"
},
{
"name": "CVE-2014-7191",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7191"
},
{
"name": "CVE-2021-2356",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2356"
},
{
"name": "CVE-2020-36049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36049"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2021-41524",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41524"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2020-12402",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12402"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"name": "CVE-2024-39519",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39519"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2022-21595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21595"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-2700",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2700"
},
{
"name": "CVE-2020-7754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7754"
},
{
"name": "CVE-2024-39533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39533"
},
{
"name": "CVE-2021-22543",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22543"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"name": "CVE-2022-22719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22719"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-46663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46663"
},
{
"name": "CVE-2011-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
},
{
"name": "CVE-2024-39513",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39513"
},
{
"name": "CVE-2021-3803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3803"
},
{
"name": "CVE-2022-21417",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21417"
},
{
"name": "CVE-2024-39518",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39518"
},
{
"name": "CVE-2023-37450",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37450"
},
{
"name": "CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2020-7660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7660"
},
{
"name": "CVE-2022-31813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31813"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2019-9517",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9517"
},
{
"name": "CVE-2018-20834",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20834"
},
{
"name": "CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"name": "CVE-2020-1927",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1927"
},
{
"name": "CVE-2022-21592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21592"
},
{
"name": "CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"name": "CVE-2022-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25236"
},
{
"name": "CVE-2023-25690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25690"
},
{
"name": "CVE-2021-2342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2342"
},
{
"name": "CVE-2022-22720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22720"
},
{
"name": "CVE-2017-15010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15010"
},
{
"name": "CVE-2019-10092",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10092"
},
{
"name": "CVE-2024-39541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39541"
},
{
"name": "CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"name": "CVE-2024-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39537"
},
{
"name": "CVE-2022-21444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21444"
},
{
"name": "CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"name": "CVE-2018-7408",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7408"
},
{
"name": "CVE-2019-20149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20149"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-39551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39551"
},
{
"name": "CVE-2023-4863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4863"
},
{
"name": "CVE-2022-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29404"
},
{
"name": "CVE-2020-14145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14145"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-39565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39565"
},
{
"name": "CVE-2021-31618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31618"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2024-39549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39549"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"name": "CVE-2021-41773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41773"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2021-44790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44790"
},
{
"name": "CVE-2020-9490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9490"
},
{
"name": "CVE-2020-28502",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28502"
},
{
"name": "CVE-2024-39556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39556"
},
{
"name": "CVE-2022-37436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37436"
},
{
"name": "CVE-2021-33033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33033"
},
{
"name": "CVE-2023-32439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32439"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2022-28330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28330"
},
{
"name": "CVE-2024-39542",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39542"
},
{
"name": "CVE-2022-21454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21454"
},
{
"name": "CVE-2017-1000048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000048"
},
{
"name": "CVE-2022-21427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21427"
},
{
"name": "CVE-2021-40438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40438"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2021-2372",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2372"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2020-28469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28469"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2019-10098",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10098"
},
{
"name": "CVE-2024-39538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39538"
},
{
"name": "CVE-2022-28614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28614"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0575",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-12T00:00:00.000000"
},
{
"description": "Correction d\u0027identifiants CVE erron\u00e9s",
"revision_date": "2024-10-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper Networks",
"vendor_advisories": [
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83001",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Inconsistent-information-in-the-TE-database-can-lead-to-an-rpd-crash-CVE-2024-39541"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82976",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-The-802-1X-Authentication-Daemon-crashes-on-running-a-specific-command-CVE-2024-39511"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83027",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Session-Smart-Router-Multiple-vulnerabilities-resolved"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83021",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX4600-SRX5000-Series-TCP-packets-with-SYN-FIN-or-SYN-RST-are-transferred-after-enabling-no-syn-check-with-Express-Path-CVE-2024-39561"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83018",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specific-PIM-packet-causes-rpd-crash-when-PIM-is-configured-along-with-MoFRR-CVE-2024-39558"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82987",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-RPD-crashes-upon-concurrent-deletion-of-a-routing-instance-and-receipt-of-an-SNMP-request-CVE-2024-39528"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82982",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX240-MX480-MX960-platforms-using-MPC10E-Memory-leak-will-be-observed-when-subscribed-to-a-specific-subscription-on-Junos-Telemetry-Interface-CVE-2024-39518"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83012",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-with-SPC3-line-card-Port-flaps-causes-rtlogd-memory-leak-leading-to-Denial-of-Service-CVE-2024-39550"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83019",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-a-specific-TCP-packet-may-result-in-a-system-crash-vmcore-on-dual-RE-systems-with-NSR-enabled-CVE-2024-39559"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83004",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-large-RPKI-RTR-PDU-packet-can-cause-rpd-to-crash-CVE-2024-39543"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83010",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specific-packets-in-the-aftmand-process-will-lead-to-a-memory-leak-CVE-2024-39548"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83014",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-multipath-incremental-calculation-is-resulting-in-an-rpd-crash-CVE-2024-39554"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82996",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Flaps-of-BFD-sessions-with-authentication-cause-a-ppmd-memory-leak-CVE-2024-39536"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82980",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receiving-specific-traffic-on-devices-with-EVPN-VPWS-with-IGMP-snooping-enabled-will-cause-the-rpd-to-crash-CVE-2024-39514"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83000",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-Specific-valid-TCP-traffic-can-cause-a-pfe-crash-CVE-2024-39540"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83008",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Local-low-privilege-user-can-gain-root-permissions-leading-to-privilege-escalation-CVE-2024-39546"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82991",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Protocol-specific-DDoS-configuration-affects-other-protocols-CVE-2024-39531"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83011",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Receipt-of-malformed-BGP-path-attributes-leads-to-a-memory-leak-CVE-2024-39549"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82989",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Attempting-to-access-specific-sensors-on-platforms-not-supporting-these-will-lead-to-a-chassisd-crash-CVE-2024-39530"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82997",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-Ports-which-have-been-inadvertently-exposed-can-be-reached-over-the-network-CVE-2024-39537"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83023",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-EX-Series-J-Web-An-unauthenticated-network-based-attacker-can-perform-XPATH-injection-attack-against-a-device-CVE-2024-39565"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83026",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R1-release"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83013",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-MS-MPC-MIC-Receipt-of-specific-packets-in-H-323-ALG-causes-traffic-drop-CVE-2024-39551"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83002",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-malformed-CFM-packet-or-specific-transit-traffic-leads-to-FPC-crash-CVE-2024-39542"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83015",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-update-causes-the-session-to-reset-CVE-2024-39555"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83007",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-and-MX-Series-with-SPC3-and-NFX350-When-VPN-tunnels-parameters-are-not-matching-the-iked-process-will-crash-CVE-2024-39545"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82995",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-specific-traffic-is-received-in-a-VPLS-scenario-evo-pfemand-crashes-CVE-2024-39535"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82993",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-EX4600-Series-Output-firewall-filter-is-not-applied-if-certain-match-criteria-are-used-CVE-2024-39533"
},
{
"published_at": "2024-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA75726",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Malformed-BGP-UPDATE-causes-RPD-crash-CVE-2024-39552"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82988",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-SRX-Series-If-DNS-traceoptions-are-configured-in-a-DGA-or-tunnel-detection-scenario-specific-DNS-traffic-leads-to-a-PFE-crash-CVE-2024-39529"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83017",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-MAC-table-changes-cause-a-memory-leak-CVE-2024-39557"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82983",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Multicast-traffic-is-looped-in-a-multihoming-EVPN-MPLS-scenario-CVE-2024-39519"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83020",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Memory-leak-due-to-RSVP-neighbor-persistent-error-leading-to-kernel-crash-CVE-2024-39560"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82998",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-ACX7000-Series-When-multicast-traffic-with-a-specific-S-G-is-received-evo-pfemand-crashes-CVE-2024-39538"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82999",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-MX-Series-Continuous-subscriber-logins-will-lead-to-a-memory-leak-and-eventually-an-FPC-crash-CVE-2024-39539"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA83016",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Loading-a-malicious-certificate-from-the-CLI-may-result-in-a-stack-based-overflow-CVE-2024-39556"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82992",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Confidential-information-in-logs-can-be-accessed-by-another-user-CVE-2024-39532"
},
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82978",
"url": "https://supportportal.juniper.net/s/article/2024-07-Security-Bulletin-Junos-OS-Evolved-Execution-of-a-specific-CLI-command-will-cause-a-crash-in-the-AFT-manager-CVE-2024-39513"
}
]
}
FKIE_CVE-2021-33193
Vulnerability from fkie_nvd - Published: 2021-08-16 08:15 - Updated: 2025-05-01 15:40
Severity
Summary
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch | Patch | |
| security@apache.org | https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E | Patch | |
| security@apache.org | https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E | Patch | |
| security@apache.org | https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html | Mailing List, Third Party Advisory | |
| security@apache.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/ | Third Party Advisory | |
| security@apache.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/ | Third Party Advisory | |
| security@apache.org | https://portswigger.net/research/http2 | Exploit, Third Party Advisory | |
| security@apache.org | https://security.gentoo.org/glsa/202208-20 | Third Party Advisory | |
| security@apache.org | https://security.netapp.com/advisory/ntap-20210917-0004/ | Third Party Advisory | |
| security@apache.org | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ | Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| security@apache.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| security@apache.org | https://www.tenable.com/security/tns-2021-17 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://portswigger.net/research/http2 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20210917-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-17 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 10.0 | |
| apache | http_server | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| tenable | tenable.sc | * | |
| oracle | secure_backup | * | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8347A4B-8AA1-4BA6-9C58-8BC8EE9B1408",
"versionEndExcluding": "2.4.49",
"versionStartIncluding": "2.4.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356",
"versionEndIncluding": "5.19.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C01E8B82-71C7-4A4A-A70A-7B147524AB4A",
"versionEndExcluding": "18.1.0.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48."
},
{
"lang": "es",
"value": "Un m\u00e9todo dise\u00f1ado enviado mediante HTTP/2 omitir\u00e1 la comprobaci\u00f3n y ser\u00e1 reenviado por mod_proxy, lo que puede conllevar a la divisi\u00f3n de peticiones o el envenenamiento de la cach\u00e9. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48."
}
],
"id": "CVE-2021-33193",
"lastModified": "2025-05-01T15:40:12.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-16T08:15:11.480",
"references": [
{
"source": "security@apache.org",
"tags": [
"Patch"
],
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"source": "security@apache.org",
"tags": [
"Patch"
],
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Patch"
],
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/research/http2"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/research/http2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-17"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-P9FG-6RR5-38XC
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2025-05-01 18:31
VLAI
Details
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2021-33193"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-16T08:15:00Z",
"severity": "HIGH"
},
"details": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"id": "GHSA-p9fg-6rr5-38xc",
"modified": "2025-05-01T18:31:40Z",
"published": "2022-05-24T19:11:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"type": "WEB",
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210917-0004"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"type": "WEB",
"url": "https://portswigger.net/research/http2"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2021-33193
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-33193",
"description": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"id": "GSD-2021-33193",
"references": [
"https://www.suse.com/security/cve/CVE-2021-33193.html",
"https://ubuntu.com/security/CVE-2021-33193",
"https://advisories.mageia.org/CVE-2021-33193.html",
"https://security.archlinux.org/CVE-2021-33193",
"https://alas.aws.amazon.com/cve/html/CVE-2021-33193.html",
"https://linux.oracle.com/cve/CVE-2021-33193.html",
"https://access.redhat.com/errata/RHSA-2022:1915",
"https://access.redhat.com/errata/RHSA-2022:6753",
"https://access.redhat.com/errata/RHSA-2022:7143",
"https://access.redhat.com/errata/RHSA-2022:7144"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-33193"
],
"details": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"id": "GSD-2021-33193",
"modified": "2023-12-13T01:23:18.945226Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-33193",
"STATE": "PUBLIC",
"TITLE": "Request splitting via HTTP/2 method injection and mod_proxy"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_name": "Apache HTTP Server 2.4",
"version_value": "2.4.17 to 2.4.48"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reported by James Kettle of PortSwigger"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Request Splitting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portswigger.net/research/http2",
"refsource": "MISC",
"url": "https://portswigger.net/research/http2"
},
{
"name": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
"refsource": "MISC",
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "FEDORA-2021-5d2d4b6ac5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"name": "FEDORA-2021-f94985afca",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210917-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"name": "https://www.tenable.com/security/tns-2021-17",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "eng",
"time": "2021-05-11",
"value": "reported"
},
{
"lang": "eng",
"time": "2021-08-06",
"value": "public"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.48",
"versionStartIncluding": "2.4.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.19.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "18.1.0.1.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2021-33193"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portswigger.net/research/http2",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://portswigger.net/research/http2"
},
{
"name": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210917-0004/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210917-0004/"
},
{
"name": "FEDORA-2021-5d2d4b6ac5",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/"
},
{
"name": "https://www.tenable.com/security/tns-2021-17",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-17"
},
{
"name": "FEDORA-2021-f94985afca",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/"
},
{
"name": "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021",
"refsource": "CISCO",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "GLSA-202208-20",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-20"
},
{
"name": "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-03-03T19:15Z",
"publishedDate": "2021-08-16T08:15Z"
}
}
}
MSRC_CVE-2021-33193
Vulnerability from csaf_microsoft - Published: 2021-08-02 00:00 - Updated: 2021-12-16 00:00Summary
Request splitting via HTTP/2 method injection and mod_proxy
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 19005-16820 | — | ||
| Unresolved product id: 17030-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-33193 Request splitting via HTTP/2 method injection and mod_proxy - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-33193.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Request splitting via HTTP/2 method injection and mod_proxy",
"tracking": {
"current_release_date": "2021-12-16T00:00:00.000Z",
"generator": {
"date": "2025-10-19T22:09:27.543Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-33193",
"initial_release_date": "2021-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-08-25T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2021-12-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added httpd to CBL-Mariner 2.0"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 httpd 2.4.46-6",
"product": {
"name": "\u003ccm1 httpd 2.4.46-6",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 httpd 2.4.46-6",
"product": {
"name": "cm1 httpd 2.4.46-6",
"product_id": "19005"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 httpd 2.4.52-1",
"product": {
"name": "\u003ccbl2 httpd 2.4.52-1",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 httpd 2.4.52-1",
"product": {
"name": "cbl2 httpd 2.4.52-1",
"product_id": "17030"
}
}
],
"category": "product_name",
"name": "httpd"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 httpd 2.4.46-6 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 httpd 2.4.46-6 as a component of CBL Mariner 1.0",
"product_id": "19005-16820"
},
"product_reference": "19005",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 httpd 2.4.52-1 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 httpd 2.4.52-1 as a component of CBL Mariner 2.0",
"product_id": "17030-17086"
},
"product_reference": "17030",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"notes": [
{
"category": "general",
"text": "apache",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19005-16820",
"17030-17086"
],
"known_affected": [
"16820-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-33193 Request splitting via HTTP/2 method injection and mod_proxy - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-33193.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-25T00:00:00.000Z",
"details": "2.4.46-6:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2021-08-25T00:00:00.000Z",
"details": "2.4.52-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"16820-1",
"17086-2"
]
}
],
"title": "Request splitting via HTTP/2 method injection and mod_proxy"
}
]
}
OPENSUSE-SU-2021:1234-1
Vulnerability from csaf_opensuse - Published: 2021-09-07 09:31 - Updated: 2021-09-07 09:31Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
- CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy (bsc#1189387).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames: openSUSE-2021-1234
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-doc-2.4.43-lp152.2.18.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
9 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1189387 | self |
| https://www.suse.com/security/cve/CVE-2021-33193/ | self |
| https://www.suse.com/security/cve/CVE-2021-33193 | external |
| https://bugzilla.suse.com/1189387 | external |
| https://bugzilla.suse.com/1195686 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n- CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy (bsc#1189387).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2021-1234",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1234-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:1234-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZXIW57JQ5R7GZCIYAX46QTL35T45Y4MW/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:1234-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZXIW57JQ5R7GZCIYAX46QTL35T45Y4MW/"
},
{
"category": "self",
"summary": "SUSE Bug 1189387",
"url": "https://bugzilla.suse.com/1189387"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33193 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33193/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2021-09-07T09:31:00Z",
"generator": {
"date": "2021-09-07T09:31:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:1234-1",
"initial_release_date": "2021-09-07T09:31:00Z",
"revision_history": [
{
"date": "2021-09-07T09:31:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-devel-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-devel-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-event-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-event-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-example-pages-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-prefork-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-prefork-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-utils-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-utils-2.4.43-lp152.2.18.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-lp152.2.18.1.i586",
"product": {
"name": "apache2-worker-2.4.43-lp152.2.18.1.i586",
"product_id": "apache2-worker-2.4.43-lp152.2.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.43-lp152.2.18.1.noarch",
"product": {
"name": "apache2-doc-2.4.43-lp152.2.18.1.noarch",
"product_id": "apache2-doc-2.4.43-lp152.2.18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-devel-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-event-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-event-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-example-pages-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-prefork-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-utils-2.4.43-lp152.2.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-lp152.2.18.1.x86_64",
"product": {
"name": "apache2-worker-2.4.43-lp152.2.18.1.x86_64",
"product_id": "apache2-worker-2.4.43-lp152.2.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-devel-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.43-lp152.2.18.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-doc-2.4.43-lp152.2.18.1.noarch"
},
"product_reference": "apache2-doc-2.4.43-lp152.2.18.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-event-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-event-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-prefork-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-utils-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-lp152.2.18.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.i586"
},
"product_reference": "apache2-worker-2.4.43-lp152.2.18.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-lp152.2.18.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.x86_64"
},
"product_reference": "apache2-worker-2.4.43-lp152.2.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33193"
}
],
"notes": [
{
"category": "general",
"text": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-doc-2.4.43-lp152.2.18.1.noarch",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33193",
"url": "https://www.suse.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "SUSE Bug 1189387 for CVE-2021-33193",
"url": "https://bugzilla.suse.com/1189387"
},
{
"category": "external",
"summary": "SUSE Bug 1195686 for CVE-2021-33193",
"url": "https://bugzilla.suse.com/1195686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-doc-2.4.43-lp152.2.18.1.noarch",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-devel-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-doc-2.4.43-lp152.2.18.1.noarch",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-event-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-example-pages-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-prefork-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-utils-2.4.43-lp152.2.18.1.x86_64",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.i586",
"openSUSE Leap 15.2:apache2-worker-2.4.43-lp152.2.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-09-07T09:31:00Z",
"details": "critical"
}
],
"title": "CVE-2021-33193"
}
]
}
OPENSUSE-SU-2021:2954-1
Vulnerability from csaf_opensuse - Published: 2021-09-03 12:43 - Updated: 2021-09-03 12:43Summary
Security update for apache2
Severity
Important
Notes
Title of the patch: Security update for apache2
Description of the patch: This update for apache2 fixes the following issues:
- CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy (bsc#1189387).
Patchnames: openSUSE-SLE-15.3-2021-2954
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.1 (Critical)
Affected products
Recommended
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-doc-2.4.43-3.25.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
9 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1189387 | self |
| https://www.suse.com/security/cve/CVE-2021-33193/ | self |
| https://www.suse.com/security/cve/CVE-2021-33193 | external |
| https://bugzilla.suse.com/1189387 | external |
| https://bugzilla.suse.com/1195686 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n- CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy (bsc#1189387).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2021-2954",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_2954-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2021:2954-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ML464OXXVITHCRNCGTP3DMIAYMJEHJEO/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2021:2954-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ML464OXXVITHCRNCGTP3DMIAYMJEHJEO/"
},
{
"category": "self",
"summary": "SUSE Bug 1189387",
"url": "https://bugzilla.suse.com/1189387"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-33193 page",
"url": "https://www.suse.com/security/cve/CVE-2021-33193/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2021-09-03T12:43:53Z",
"generator": {
"date": "2021-09-03T12:43:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2021:2954-1",
"initial_release_date": "2021-09-03T12:43:53Z",
"revision_history": [
{
"date": "2021-09-03T12:43:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-2.4.43-3.25.1.aarch64",
"product_id": "apache2-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-devel-2.4.43-3.25.1.aarch64",
"product_id": "apache2-devel-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-event-2.4.43-3.25.1.aarch64",
"product_id": "apache2-event-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.43-3.25.1.aarch64",
"product_id": "apache2-example-pages-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.43-3.25.1.aarch64",
"product_id": "apache2-prefork-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-utils-2.4.43-3.25.1.aarch64",
"product_id": "apache2-utils-2.4.43-3.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-3.25.1.aarch64",
"product": {
"name": "apache2-worker-2.4.43-3.25.1.aarch64",
"product_id": "apache2-worker-2.4.43-3.25.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.43-3.25.1.noarch",
"product": {
"name": "apache2-doc-2.4.43-3.25.1.noarch",
"product_id": "apache2-doc-2.4.43-3.25.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-devel-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-event-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-event-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-example-pages-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-prefork-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-utils-2.4.43-3.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-3.25.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.43-3.25.1.ppc64le",
"product_id": "apache2-worker-2.4.43-3.25.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-2.4.43-3.25.1.s390x",
"product_id": "apache2-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-devel-2.4.43-3.25.1.s390x",
"product_id": "apache2-devel-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-event-2.4.43-3.25.1.s390x",
"product_id": "apache2-event-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.43-3.25.1.s390x",
"product_id": "apache2-example-pages-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-prefork-2.4.43-3.25.1.s390x",
"product_id": "apache2-prefork-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-utils-2.4.43-3.25.1.s390x",
"product_id": "apache2-utils-2.4.43-3.25.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-3.25.1.s390x",
"product": {
"name": "apache2-worker-2.4.43-3.25.1.s390x",
"product_id": "apache2-worker-2.4.43-3.25.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-2.4.43-3.25.1.x86_64",
"product_id": "apache2-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-devel-2.4.43-3.25.1.x86_64",
"product_id": "apache2-devel-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-event-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-event-2.4.43-3.25.1.x86_64",
"product_id": "apache2-event-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.43-3.25.1.x86_64",
"product_id": "apache2-example-pages-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.43-3.25.1.x86_64",
"product_id": "apache2-prefork-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-utils-2.4.43-3.25.1.x86_64",
"product_id": "apache2-utils-2.4.43-3.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.43-3.25.1.x86_64",
"product": {
"name": "apache2-worker-2.4.43-3.25.1.x86_64",
"product_id": "apache2-worker-2.4.43-3.25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-devel-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-devel-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-devel-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.43-3.25.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-doc-2.4.43-3.25.1.noarch"
},
"product_reference": "apache2-doc-2.4.43-3.25.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-event-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-event-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-event-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-event-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-event-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-prefork-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-utils-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-utils-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-utils-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-3.25.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.aarch64"
},
"product_reference": "apache2-worker-2.4.43-3.25.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-3.25.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.43-3.25.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-3.25.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.s390x"
},
"product_reference": "apache2-worker-2.4.43-3.25.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.43-3.25.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.x86_64"
},
"product_reference": "apache2-worker-2.4.43-3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-33193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-33193"
}
],
"notes": [
{
"category": "general",
"text": "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.43-3.25.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-33193",
"url": "https://www.suse.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "SUSE Bug 1189387 for CVE-2021-33193",
"url": "https://bugzilla.suse.com/1189387"
},
{
"category": "external",
"summary": "SUSE Bug 1195686 for CVE-2021-33193",
"url": "https://bugzilla.suse.com/1195686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.43-3.25.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-devel-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-doc-2.4.43-3.25.1.noarch",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-event-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-example-pages-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-prefork-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-utils-2.4.43-3.25.1.x86_64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.aarch64",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.ppc64le",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.s390x",
"openSUSE Leap 15.3:apache2-worker-2.4.43-3.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-09-03T12:43:53Z",
"details": "critical"
}
],
"title": "CVE-2021-33193"
}
]
}
RHSA-2022:1915
Vulnerability from csaf_redhat - Published: 2022-05-10 14:18 - Updated: 2026-05-14 22:32Summary
Red Hat Security Advisory: httpd:2.4 security and bug fix update
Severity
Moderate
Notes
Topic: An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
There's a null pointer dereference and server-side request forgery flaw in httpd's mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.
7.1 (High)
Affected products
Fixed
85 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
29 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2022:1915 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1966724 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1966728 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1984828 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2001046 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2005124 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2034672 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2020-35452 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1966724 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-35452 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-35452 | external |
| https://httpd.apache.org/security/vulnerabilities… | external |
| https://access.redhat.com/security/cve/CVE-2021-33193 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1966728 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-33193 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-33193 | external |
| https://portswigger.net/research/http2 | external |
| https://access.redhat.com/security/cve/CVE-2021-36160 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2005124 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-36160 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-36160 | external |
| https://access.redhat.com/security/cve/CVE-2021-44224 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2034672 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-44224 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-44224 | external |
| http://httpd.apache.org/security/vulnerabilities_… | external |
Acknowledgments
the Apache project
GHSL
Antonio Morales
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1915",
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "1984828",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1984828"
},
{
"category": "external",
"summary": "2001046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2001046"
},
{
"category": "external",
"summary": "2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1915.json"
}
],
"title": "Red Hat Security Advisory: httpd:2.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-14T22:32:02+00:00",
"generator": {
"date": "2026-05-14T22:32:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:1915",
"initial_release_date": "2022-05-10T14:18:41+00:00",
"revision_history": [
{
"date": "2022-05-10T14:18:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T14:18:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:32:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=aarch64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=src\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=src\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=src\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product": {
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4)",
"product_id": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-filesystem@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=noarch\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product": {
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4)",
"product_id": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=noarch\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=ppc64le\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=s390x\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debugsource@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debuginfo@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4)",
"product_id": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_http2-debugsource@1.15.7-5.module%2Bel8.6.0%2B13996%2B01710940?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debuginfo@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4)",
"product_id": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_md-debugsource@2.0.8-8.module%2Bel8.3.0%2B6814%2B67d1e611?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4)",
"product_id": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl-debuginfo@2.4.37-47.module%2Bel8.6.0%2B14529%2B083145da.1?arch=x86_64\u0026epoch=1\u0026rpmmod=httpd:2.4:8060020220321163517:d63f516d"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4"
},
"product_reference": "httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4"
},
"product_reference": "httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4"
},
"product_reference": "mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4"
},
"product_reference": "mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64 (httpd:2.4) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
},
"product_reference": "mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"relates_to_product_reference": "AppStream-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-33193",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966728"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_h2. The highest threat from this flaw is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Request splitting via HTTP/2 method injection and mod_proxy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33193"
},
{
"category": "external",
"summary": "RHBZ#1966728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33193",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33193"
},
{
"category": "external",
"summary": "https://portswigger.net/research/http2",
"url": "https://portswigger.net/research/http2"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by disabling HTTP/2. More information available at: https://httpd.apache.org/docs/2.4/mod/mod_http2.html",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Request splitting via HTTP/2 method injection and mod_proxy"
},
{
"cve": "CVE-2021-36160",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005124"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read in mod_proxy_uwsgi of httpd allows a remote unauthenticated attacker to crash the service through a crafted request. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36160"
},
{
"category": "external",
"summary": "RHBZ#2005124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005124"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36160"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path"
},
{
"cve": "CVE-2021-44224",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2021-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2034672"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a null pointer dereference and server-side request forgery flaw in httpd\u0027s mod_proxy module, when it is configured to be used as a forward proxy. A crafted packet could be sent on the adjacent network to the forward proxy that could cause a crash, or potentially SSRF via misdirected Unix Domain Socket requests. In the worst case, this could cause a denial of service or compromise to confidentiality of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: possible NULL dereference or SSRF in forward proxy configurations",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect httpd configurations that do not use forward proxy functionality (configurations where ProxyRequests is turned off).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-44224"
},
{
"category": "external",
"summary": "RHBZ#2034672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2034672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-44224",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44224"
},
{
"category": "external",
"summary": "http://httpd.apache.org/security/vulnerabilities_24.html",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-12-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:18:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.src::httpd:2.4",
"AppStream-8.6.0.GA:httpd-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-debugsource-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-devel-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-filesystem-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-manual-0:2.4.37-47.module+el8.6.0+14529+083145da.1.noarch::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:httpd-tools-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debuginfo-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_http2-debugsource-0:1.15.7-5.module+el8.6.0+13996+01710940.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ldap-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.src::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debuginfo-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_md-debugsource-1:2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_proxy_html-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_session-debuginfo-0:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.aarch64::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.ppc64le::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.s390x::httpd:2.4",
"AppStream-8.6.0.GA:mod_ssl-debuginfo-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64::httpd:2.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: possible NULL dereference or SSRF in forward proxy configurations"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…