Action not permitted
Modal body text goes here.
cve-2019-17567
Vulnerability from cvelistv5
Published
2021-06-10 07:10
Modified
2024-08-05 01:40
Severity
Summary
mod_proxy_wstunnel tunneling of non Upgraded connections
References
Impacted products
| Vendor | Product |
|---|---|
| Apache Software Foundation | Apache HTTP Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:15.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/2"
},
{
"name": "GLSA-202107-38",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"name": "[debian-lts-announce] 20240525 [SECURITY] [DLA 3818-1] apache2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.4.46"
},
{
"status": "affected",
"version": "2.4.43"
},
{
"status": "affected",
"version": "2.4.41"
},
{
"status": "affected",
"version": "2.4.39"
},
{
"status": "affected",
"version": "2.4.38"
},
{
"status": "affected",
"version": "2.4.37"
},
{
"status": "affected",
"version": "2.4.35"
},
{
"status": "affected",
"version": "2.4.34"
},
{
"status": "affected",
"version": "2.4.33"
},
{
"status": "affected",
"version": "2.4.29"
},
{
"status": "affected",
"version": "2.4.28"
},
{
"status": "affected",
"version": "2.4.27"
},
{
"status": "affected",
"version": "2.4.26"
},
{
"status": "affected",
"version": "2.4.25"
},
{
"status": "affected",
"version": "2.4.23"
},
{
"status": "affected",
"version": "2.4.20"
},
{
"status": "affected",
"version": "2.4.18"
},
{
"status": "affected",
"version": "2.4.17"
},
{
"status": "affected",
"version": "2.4.16"
},
{
"status": "affected",
"version": "2.4.12"
},
{
"status": "affected",
"version": "2.4.10"
},
{
"status": "affected",
"version": "2.4.9"
},
{
"status": "affected",
"version": "2.4.7"
},
{
"status": "affected",
"version": "2.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported by Mikhail Egorov (\u003c0ang3el gmail.com\u003e)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "mod_proxy_wstunnel tunneling of non Upgraded connections",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:10:30.804307",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"tags": [
"mailing-list"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/2"
},
{
"name": "GLSA-202107-38",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"name": "[debian-lts-announce] 20240525 [SECURITY] [DLA 3818-1] apache2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "mod_proxy_wstunnel tunneling of non Upgraded connections",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-17567",
"datePublished": "2021-06-10T07:10:19",
"dateReserved": "2019-10-14T00:00:00",
"dateUpdated": "2024-08-05T01:40:15.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-17567\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2021-06-10T07:15:07.200\",\"lastModified\":\"2024-06-10T17:16:08.460\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.\"},{\"lang\":\"es\",\"value\":\"Apache HTTP Server versiones 2.4.6 a 2.4.46 la funci\u00f3n mod_proxy_wstunnel configurado en una URL que no es necesariamente Actualizada por el servidor de origen estaba tunelizando toda la conexi\u00f3n a pesar de ello, permitiendo as\u00ed para las peticiones posteriores en la misma conexi\u00f3n pasar sin comprobaci\u00f3n HTTP, autenticaci\u00f3n o autorizaci\u00f3n posiblemente configurada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.6\",\"versionEndIncluding\":\"2.4.46\",\"matchCriteriaId\":\"F6770F65-8487-49C0-8FAC-676AA4724D10\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F69B9A5-F21B-4904-9F27-95C0F7A628E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}]}]}],\"references\":[{\"url\":\"http://httpd.apache.org/security/vulnerabilities_24.html\",\"source\":\"security@apache.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/06/10/2\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/202107-38\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210702-0001/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2021.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
ghsa-qf63-wqjv-7x2f
Vulnerability from github
Published
2022-05-24 19:04
Modified
2024-06-10 18:30
Severity
Details
Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.
{
"affected": [],
"aliases": [
"CVE-2019-17567"
],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-06-10T07:15:00Z",
"severity": "MODERATE"
},
"details": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"id": "GHSA-qf63-wqjv-7x2f",
"modified": "2024-06-10T18:30:45Z",
"published": "2022-05-24T19:04:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd%40%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c%40%3Cannounce.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"type": "WEB",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
gsd-2019-17567
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-17567",
"description": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"id": "GSD-2019-17567",
"references": [
"https://www.suse.com/security/cve/CVE-2019-17567.html",
"https://access.redhat.com/errata/RHSA-2021:4614",
"https://access.redhat.com/errata/RHSA-2021:4613",
"https://advisories.mageia.org/CVE-2019-17567.html",
"https://security.archlinux.org/CVE-2019-17567",
"https://alas.aws.amazon.com/cve/html/CVE-2019-17567.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-17567"
],
"details": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.",
"id": "GSD-2019-17567",
"modified": "2023-12-13T01:23:44.308010Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-17567",
"STATE": "PUBLIC",
"TITLE": "mod_proxy_wstunnel tunneling of non Upgraded connections"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.46"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.43"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.41"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.39"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.38"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.37"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.35"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.34"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.33"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.29"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.28"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.27"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.26"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.25"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.23"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.20"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.18"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.17"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.16"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.12"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.10"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.9"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.7"
},
{
"version_affected": "=",
"version_name": "2.4",
"version_value": "2.4.6"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reported by Mikhail Egorov (\u003c0ang3el gmail.com\u003e)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "mod_proxy_wstunnel tunneling of non Upgraded connections"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "MISC",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/2"
},
{
"name": "GLSA-202107-38",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.46",
"versionStartIncluding": "2.4.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-17567"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re026d3da9d7824bd93b9f871c0fdda978d960c7e62d8c43cba8d0bf3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-announce] 20210609 CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r90f693a5c9fb75550ef1412436d5e682a5f845beb427fa6f23419a3c@%3Cannounce.httpd.apache.org%3E"
},
{
"name": "[httpd-dev] 20210610 Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r7f2b70b621651548f4b6f027552f1dd91705d7111bb5d15cda0a68dd@%3Cdev.httpd.apache.org%3E"
},
{
"name": "[oss-security] 20210609 CVE-2019-17567: Apache httpd: mod_proxy_wstunnel tunneling of non Upgraded connections",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/06/10/2"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210702-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210702-0001/"
},
{
"name": "GLSA-202107-38",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"name": "FEDORA-2021-dce7e7738e",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"
},
{
"name": "FEDORA-2021-e3f6dd670d",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2021-12-02T21:05Z",
"publishedDate": "2021-06-10T07:15Z"
}
}
}
wid-sec-w-2022-0438
Vulnerability from csaf_certbund
Published
2021-06-09 22:00
Modified
2024-05-26 22:00
Summary
Apache HTTP Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache ist ein Webserver für verschiedene Plattformen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuführen, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache ist ein Webserver f\u00fcr verschiedene Plattformen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache HTTP Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0438 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2022-0438.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0438 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0438"
},
{
"category": "external",
"summary": "Apache Security Advisory vom 2021-06-09",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2006-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009032.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2004-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009030.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:14749-1 vom 2021-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009024.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4994-1 vom 2021-06-21",
"url": "https://ubuntu.com/security/notices/USN-4994-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4994-1 vom 2021-06-21",
"url": "https://ubuntu.com/security/notices/USN-4994-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2127-1 vom 2021-06-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009074.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1659 vom 2021-06-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1659.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1674 vom 2021-07-02",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1674.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4937 vom 2021-07-09",
"url": "https://www.debian.org/security/2021/dsa-4937"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2706 vom 2021-07-09",
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2021-1514 vom 2021-07-13",
"url": "https://alas.aws.amazon.com/ALAS-2021-1514.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9541 vom 2021-11-04",
"url": "https://linux.oracle.com/errata/ELSA-2021-9541.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202107-38 vom 2021-07-17",
"url": "https://security.gentoo.org/glsa/202107-38"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:3816 vom 2021-10-12",
"url": "https://access.redhat.com/errata/RHSA-2021:3816"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-3816 vom 2021-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2021-3816.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4537 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4537"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4257 vom 2021-11-09",
"url": "https://access.redhat.com/errata/RHSA-2021:4257"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4613 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2021:4614 vom 2021-11-10",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9545 vom 2021-11-12",
"url": "http://linux.oracle.com/errata/ELSA-2021-9545.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-158 vom 2021-11-11",
"url": "https://downloads.avaya.com/css/P8/documents/101078543"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2021-157 vom 2021-11-11",
"url": "https://downloads.avaya.com/css/P8/documents/101078542"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-4537 vom 2021-11-18",
"url": "https://linux.oracle.com/errata/ELSA-2021-4537.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:0143 vom 2022-01-17",
"url": "https://access.redhat.com/errata/RHSA-2022:0143"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-0143 vom 2022-01-19",
"url": "http://linux.oracle.com/errata/ELSA-2022-0143.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2022:0143 vom 2022-01-25",
"url": "https://lists.centos.org/pipermail/centos-announce/2022-January/073551.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-003 vom 2027-01-18",
"url": "https://downloads.avaya.com/css/P8/documents/101079910"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1915 vom 2022-05-17",
"url": "https://linux.oracle.com/errata/ELSA-2022-1915.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1045 vom 2022-03-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-1045.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1915 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5163 vom 2022-06-22",
"url": "https://access.redhat.com/errata/RHSA-2022:5163"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-083 vom 2022-06-24",
"url": "https://downloads.avaya.com/css/P8/documents/101082388"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-5163 vom 2022-06-24",
"url": "http://linux.oracle.com/errata/ELSA-2022-5163.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-053 vom 2022-07-18",
"url": "https://downloads.avaya.com/css/P8/documents/101082704"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7647 vom 2022-11-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-7647.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/6840315"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-1593 vom 2023-04-05",
"url": "https://linux.oracle.com/errata/ELSA-2023-1593.html"
},
{
"category": "external",
"summary": "F5 stellt neue Informationen zur Verf\u00fcgung",
"url": "https://my.f5.com/manage/s/article/K000133522"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3818 vom 2024-05-25",
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"
}
],
"source_lang": "en-US",
"title": "Apache HTTP Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-05-26T22:00:00.000+00:00",
"generator": {
"date": "2024-05-27T08:08:16.755+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2022-0438",
"initial_release_date": "2021-06-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2021-06-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2021-06-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-06-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2021-06-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-06-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-01T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-08T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2021-07-11T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2021-07-12T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2021-07-18T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2021-10-12T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-10-13T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-11-03T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-11-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-10T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2021-11-14T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux und AVAYA aufgenommen"
},
{
"date": "2021-11-18T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-01-16T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-01-19T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-01-25T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2022-01-27T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-03-24T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-06-22T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von AVAYA und Oracle Linux aufgenommen"
},
{
"date": "2022-07-19T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-20T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2024-05-26T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "32"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.4.48",
"product": {
"name": "Apache HTTP Server \u003c2.4.48",
"product_id": "T019472",
"product_identification_helper": {
"cpe": "cpe:/a:apache:http_server:2.4.48"
}
}
}
],
"category": "product_name",
"name": "HTTP Server"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Power Hardware Management Console",
"product": {
"name": "IBM Power Hardware Management Console",
"product_id": "5114",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17567",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2019-17567"
},
{
"cve": "CVE-2020-13938",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-13938"
},
{
"cve": "CVE-2020-13950",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-13950"
},
{
"cve": "CVE-2020-35452",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2020-35452"
},
{
"cve": "CVE-2021-20325",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-20325"
},
{
"cve": "CVE-2021-26690",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-26690"
},
{
"cve": "CVE-2021-26691",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-26691"
},
{
"cve": "CVE-2021-30641",
"notes": [
{
"category": "description",
"text": "In Apache HTTP Server existieren mehrere Schwachstellen. Diese Schwachstellen sind unter anderem auf Puffer\u00fcberl\u00e4ufe, NULL-Zeiger-Dereferenzierungen, Fehler beim Umgang mit Privilegien zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen oder sonstige Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T015519",
"T015518",
"67646",
"T015516",
"5114",
"T015127",
"T015126",
"T012167",
"T004914",
"T016243",
"2951",
"T002207",
"T000126",
"T001663",
"398363",
"1727"
]
},
"release_date": "2021-06-09T22:00:00Z",
"title": "CVE-2021-30641"
}
]
}
rhsa-2021_4613
Vulnerability from csaf_redhat
Published
2021-11-10 17:14
Modified
2024-09-16 06:17
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4613",
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4613.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:17:59+00:00",
"generator": {
"date": "2024-09-16T06:17:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4613",
"initial_release_date": "2021-11-10T17:14:06+00:00",
"revision_history": [
{
"date": "2021-11-10T17:14:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:14:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:17:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4613"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
rhsa-2021_4614
Vulnerability from csaf_redhat
Published
2021-11-10 17:20
Modified
2024-09-16 06:18
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)
* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)
* httpd: Heap overflow in mod_session (CVE-2021-26691)
* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)
* httpd: MergeSlashes regression (CVE-2021-30641)
* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)
* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)
* pcre: integer overflow in libpcre (CVE-2020-14155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 10, fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* httpd: Single zero byte stack overflow in mod_auth_digest (CVE-2020-35452)\n* httpd: mod_session NULL pointer dereference in parser (CVE-2021-26690)\n* httpd: Heap overflow in mod_session (CVE-2021-26691)\n* httpd: mod_proxy_wstunnel tunneling of non Upgraded connection (CVE-2019-17567)\n* httpd: MergeSlashes regression (CVE-2021-30641)\n* httpd: mod_proxy NULL pointer dereference (CVE-2020-13950)\n* jbcs-httpd24-openssl: openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)\n* openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712)\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n* pcre: buffer over-read in JIT when UTF is disabled (CVE-2019-20838)\n* pcre: integer overflow in libpcre (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4614",
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_4614.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP10 security update",
"tracking": {
"current_release_date": "2024-09-16T06:18:06+00:00",
"generator": {
"date": "2024-09-16T06:18:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:4614",
"initial_release_date": "2021-11-10T17:20:46+00:00",
"revision_history": [
{
"date": "2021-11-10T17:20:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-10T17:20:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T06:18:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 8",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-20.redhat_1.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-20.redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-107.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite-debuginfo@1.6.1-84.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-debuginfo@7.78.0-2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-39.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs-debuginfo@1.1.1g-8.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-7.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-pkcs11-debuginfo@0.4.10-22.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session-debuginfo@2.4.37-78.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl-debuginfo@2.4.37-78.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-21.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-40.el8jbcs?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24-debuginfo@1.2.48-20.redhat_1.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.16-9.Final_redhat_2.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-67.GA.el8jbcs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.jbcs.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-78.el8jbcs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64 as a component of Red Hat JBoss Core Services on RHEL 8",
"product_id": "8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
},
"product_reference": "jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64",
"relates_to_product_reference": "8Base-JBCS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Mikhail Egorov"
]
}
],
"cve": "CVE-2019-17567",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_proxy_wstunnel module tunnels non-upgraded connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17567"
},
{
"category": "external",
"summary": "RHBZ#1966740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17567",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17567"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17567"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_proxy_wstunnel are affected by this flaw. It is also safe to comment-out the \"LoadModule proxy_wstunnel_module ... \" line in /etc/httpd/conf.modules.d/00-proxy.conf for configurations which do not rely on a websockets reverse proxy.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_proxy_wstunnel tunneling of non Upgraded connection"
},
{
"cve": "CVE-2019-20838",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848444"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20838"
},
{
"category": "external",
"summary": "RHBZ#1848444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20838"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Do not use more than one fixed quantifier with \\R or \\X with UTF disabled in PCRE or PCRE2, as these are the conditions needed to trigger the flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Marc Stern"
]
}
],
"cve": "CVE-2020-13950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966738"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In Apache httpd. The mod_proxy has a NULL pointer dereference. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_proxy NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13950"
},
{
"category": "external",
"summary": "RHBZ#1966738",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966738"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13950"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: mod_proxy NULL pointer dereference"
},
{
"cve": "CVE-2020-14155",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848436"
}
],
"notes": [
{
"category": "description",
"text": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pcre: Integer overflow when parsing callout numeric arguments",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14155"
},
{
"category": "external",
"summary": "RHBZ#1848436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14155"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not compiling regular expressions with a callout value greater outside of 0-255 or handling the value passed to the callback within the application code.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pcre: Integer overflow when parsing callout numeric arguments"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2020-35452",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966724"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Single zero byte stack overflow in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35452"
},
{
"category": "external",
"summary": "RHBZ#1966724",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966724"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35452"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "httpd: Single zero byte stack overflow in mod_auth_digest"
},
{
"cve": "CVE-2021-3688",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1990252"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3688"
},
{
"category": "external",
"summary": "RHBZ#1990252",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1990252"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3688"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3688"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Manually add LocationMatch directive to deny any possible problem requests in the JBCS httpd configuration. For example:\n~~~\n\u003cLocationMatch \".*\\.\\.;.*\"\u003e\n Require all denied\n\u003c/LocationMatch\u003e\n~~~",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JBCS: URL normalization issue with dot-dot-semicolon(s) leads to information disclosure"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
],
"organization": "Ingo Schwarze",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2021-3712",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2021-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995634"
}
],
"notes": [
{
"category": "description",
"text": "It was found that openssl assumed ASN.1 strings to be NUL terminated. A malicious actor may be able to force an application into calling openssl function with a specially crafted, non-NUL terminated string to deliberately hit this bug, which may result in a crash of the application, causing a Denial of Service attack, or possibly, memory disclosure. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Read buffer overruns processing ASN.1 strings",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do not ship the affected OpenSSL component but rely on the Red Hat Enterprise Linux to consume them:\n * Red Hat Satellite\n * Red Hat Update Infrastructure\n * Red Hat CloudForms\n\nThe Red Hat Advanced Cluster Management for Kubernetes is using the vulnerable version of the library, however the vulnerable code path is not reachable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3712"
},
{
"category": "external",
"summary": "RHBZ#1995634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3712"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210824.txt",
"url": "https://www.openssl.org/news/secadv/20210824.txt"
}
],
"release_date": "2021-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Read buffer overruns processing ASN.1 strings"
},
{
"cve": "CVE-2021-23840",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930324"
}
],
"notes": [
{
"category": "description",
"text": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: integer overflow in CipherUpdate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw only affects applications which are compiled with OpenSSL and using EVP_CipherUpdate, EVP_EncryptUpdate or EVP_DecryptUpdate functions. When specially-crafted values are passed to these functions, it can cause the application to crash or behave incorrectly.\n\nOpenSSL in Red Hat Enterprise Linux 9 was marked as not affected as its already fixed in RHEL9 Alpha release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23840"
},
{
"category": "external",
"summary": "RHBZ#1930324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930324"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23840"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "openssl: integer overflow in CipherUpdate"
},
{
"cve": "CVE-2021-23841",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930310"
}
],
"notes": [
{
"category": "description",
"text": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a a null pointer dereference in the X509_issuer_and_serial_hash() function, which can result in crash if called by an application compiled with OpenSSL, by passing a specially-crafted certificate. OpenSSL internally does not use this function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23841"
},
{
"category": "external",
"summary": "RHBZ#1930310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23841"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20210216.txt",
"url": "https://www.openssl.org/news/secadv/20210216.txt"
}
],
"release_date": "2021-02-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "As per upstream \"The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources.\"",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: NULL pointer dereference in X509_issuer_and_serial_hash()"
},
{
"acknowledgments": [
{
"names": [
"the Apache project"
]
},
{
"names": [
"Antonio Morales"
],
"organization": "GHSL"
}
],
"cve": "CVE-2021-26690",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966729"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference was found in Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: NULL pointer dereference when parsing Cookie header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a null pointer deference caused when using mod_session. It can result in crash of httpd child process by a remote attacker.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26690"
},
{
"category": "external",
"summary": "RHBZ#1966729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26690"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26690"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: NULL pointer dereference when parsing Cookie header"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christophe Jaillet"
]
}
],
"cve": "CVE-2021-26691",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966732"
}
],
"notes": [
{
"category": "description",
"text": "A heap overflow flaw was found In Apache httpd mod_session. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_session: Heap overflow via a crafted SessionHeader value",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can result in a crash of the httpd child process when mod_session is used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-26691"
},
{
"category": "external",
"summary": "RHBZ#1966732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26691"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Only configurations which use the \"SessionEnv\" directive (which is not widely used) are vulnerable to this flaw. SessionEnv is not enabled in default configuration of httpd package shipped with Red Hat Products.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_session: Heap overflow via a crafted SessionHeader value"
},
{
"acknowledgments": [
{
"names": [
"the Apache project",
"Christoph Anton Mitterer"
]
}
],
"cve": "CVE-2021-30641",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1966743"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache httpd. A possible regression from an earlier security fix broke behavior of MergeSlashes. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was introduced when fixing https://access.redhat.com/security/cve/cve-2019-0220, therefore versions of httpd package shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Software Collections are affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-30641"
},
{
"category": "external",
"summary": "RHBZ#1966743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966743"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-30641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30641"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "This issue can be mitigated by setting the \"MergeSlashes\" directive to OFF",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Unexpected URL matching with \u0027MergeSlashes OFF\u0027"
},
{
"cve": "CVE-2021-34798",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2005128"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference in httpd allows an unauthenticated remote attacker to crash httpd by providing malformed HTTP requests. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: NULL pointer dereference via malformed requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34798"
},
{
"category": "external",
"summary": "RHBZ#2005128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2005128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34798"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2021-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4614"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.jbcs.el7.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-107.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-ldap-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-mysql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-nss-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-odbc-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-openssl-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-pgsql-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-apr-util-sqlite-debuginfo-0:1.6.1-84.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-curl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-curl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-78.el8jbcs.noarch",
"8Base-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-httpd-tools-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-debuginfo-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-libcurl-devel-0:7.78.0-2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.16-9.Final_redhat_2.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-21.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-ap24-debuginfo-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-20.redhat_1.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ldap-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-40.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_proxy_html-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-67.GA.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_session-debuginfo-0:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-mod_ssl-debuginfo-1:2.4.37-78.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-39.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-7.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-libs-debuginfo-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1g-8.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.src",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-22.el8jbcs.x86_64",
"8Base-JBCS:jbcs-httpd24-openssl-static-1:1.1.1g-8.el8jbcs.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: NULL pointer dereference via malformed requests"
}
]
}
Loading...